MEDIUM
DearHive
CVE published 2026-05-27
CVE-2026-49047
A Missing Authorization vulnerability in the DearFlip WordPress plugin allows authenticated users with low privileges to exploit incorrectly configured access control security levels. The vulnerability affects all versions from n/a through 2.4.27. The issue was disclosed on 2026-05-27 and carries a CVSS 3.1 score of 4.3 (Medium severity), indicating limited impact on confidentiality with no impact on inte [truncated]