CVE 4.3 MEDIUM

WordPress Automatic Featured Images from Videos plugin <= 1.2.7 - Broken Access Control vulnerability_CVE-2026-24535

January 26, 2026 invoker category_cve
4.3 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through <= 1.2.7.

Basic Information

ID CVE-2026-24535
Source Patchstack
Published Jan 23, 2026 at 14:28
Modified Jan 26, 2026 at 19:04

Affected Product

Vendor webdevstudios
Product Automatic Featured Images from Videos
Version n/a
Affected Versions webdevstudios Automatic Featured Images from Videos n/a

CWE Classification

CWE-862

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.