MEDIUM
Webful Creations
CVE published 2026-05-26
CVE-2026-24638
A Missing Authorization vulnerability in the RepairBuddy WordPress plugin by Webful Creations allows authenticated users with low privileges to exploit incorrectly configured access control security levels. The vulnerability affects RepairBuddy versions from n/a through 4.1121. The issue was published to the CVE List on 2026-05-26 and carries a CVSS 3.1 score of 4.3 (Medium severity), with a vector of CVS [truncated]