CVE Catalog

CVE-2026-57646

MediumCVSS 5.4
Published: Updated: Translated: NVD NIST

Summary

Insecure Direct Object References (IDOR) vulnerability in Majestic Support versions up to 1.1.7 allows subscribers to access other users' resources by manipulating object identifiers.

Risk Assessment

An attacker with subscriber privileges can access sensitive data of other users, leading to privacy breaches and potential privilege escalation.

Recommendation

Immediately update the Majestic Support plugin to the latest available version that fixes this vulnerability and implement proper access control mechanisms.

Original NVD description (English source)

Subscriber Insecure Direct Object References (IDOR) in Majestic Support <= 1.1.7 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS