MEDIUM
Prasad Kirpekar
CVE published 2026-05-27
CVE-2026-49051
CVE-2026-49051 is a Missing Authorization vulnerability in the WP Meta and Date Remover WordPress plugin, affecting versions from n/a through 2.3.6. The vulnerability allows exploitation of incorrectly configured access control security levels, enabling authenticated attackers with low privileges to potentially access or modify functionality intended for higher-privileged users. The CVSS 3.1 score of 4.3 [truncated]