CVE Catalog
CVE-2026-40809
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.33%
25th percentile — higher than 25% of all known CVEs
Summary
A missing authorization vulnerability in Rara Themes Metro Magazine allows exploiting incorrectly configured access control security levels.
Risk Assessment
This issue may lead to unauthorized access to resources, posing a serious threat to the organization's data security.
Recommendation
It is recommended to review and improve the configuration of access control security levels in Metro Magazine to ensure proper user authorization.
Original NVD description (English source)
Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.4.1.

