MEDIUM
VillaTheme
CVE published 2026-05-21
CVE-2026-39593
CVE-2026-39593 describes a missing-authorization flaw in the VillaTheme HAPPY WordPress plugin, affecting versions through 1.0.10. The issue is mapped to broken access control (CWE-862) and scored CVSS 6.5 (medium), with network attack conditions and no user interaction required. Because the source corpus does not provide a confirmed fixed version or a clear vendor ownership record, the safest stance is t [truncated]