MEDIUM
Brainstorm Force
CVE published 2026-05-19
CVE-2026-45442
A Missing Authorization vulnerability in the Presto Player WordPress plugin (versions through 4.1.3) allows authenticated attackers with low privileges to exploit incorrectly configured access control security levels. The vulnerability, classified as CWE-862, was disclosed on May 19, 2026 and carries a CVSS 3.1 score of 4.3 (Medium severity). The issue stems from broken access control mechanisms that fail [truncated]