MEDIUM
Kings Plugins
CVE published 2026-05-25
CVE-2026-27346
A Missing Authorization vulnerability in the B2BKing WordPress plugin allows authenticated attackers with high privileges to exploit incorrectly configured access control security levels. The vulnerability affects all versions before 5.2.10 and was assigned a CVSS 3.1 score of 4.9 (Medium severity). The issue stems from broken access control mechanisms (CWE-862) that could enable unauthorized actions desp [truncated]