MEDIUM
Nikki Blight
CVE published 2026-05-25
CVE-2026-24545
A Missing Authorization vulnerability in the QR Redirector WordPress plugin (versions through 2.0.3) allows attackers with low privileges to exploit incorrectly configured access control security levels. The vulnerability, classified as CWE-862, enables authenticated users to perform unauthorized actions due to broken access control mechanisms. The issue was published on May 25, 2026, and modified on May [truncated]