Missing Authorization vulnerability in Campaign Monitor Campaign Monitor for WordPress forms-for-campaign-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Campaign Monitor for WordPress: from n/a through <= 2.9.0.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Campaign Monitor |
|
| Wordpress |
|
No data.
No data.
References
History
Mon, 12 Jan 2026 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Fri, 09 Jan 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Campaign Monitor
Campaign Monitor for Wordpress Wordpress Wordpress wordpress |
|
| Vendors & Products |
Campaign Monitor
Campaign Monitor for Wordpress Wordpress Wordpress wordpress |
Thu, 08 Jan 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Missing Authorization vulnerability in Campaign Monitor Campaign Monitor for WordPress forms-for-campaign-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Campaign Monitor for WordPress: from n/a through <= 2.9.0. | |
| Title | WordPress Campaign Monitor for WordPress plugin <= 2.9.0 - Broken Access Control vulnerability | |
| Weaknesses | CWE-862 | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published: 2026-01-08T09:17:55.119Z
Updated: 2026-01-12T18:32:30.790Z
Reserved: 2026-01-07T17:39:20.896Z
Link: CVE-2026-0674
Vulnrichment
Updated: 2026-01-12T18:32:21.924Z
NVD
Status : Awaiting Analysis
Published: 2026-01-08T10:15:54.910
Modified: 2026-01-12T19:16:02.077
Link: CVE-2026-0674
Redhat
No data.