This issue affects DearFlip: from n/a through 2.4.27.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 28 May 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Dearhive
Dearhive dearflip Wordpress Wordpress wordpress |
|
| Vendors & Products |
Dearhive
Dearhive dearflip Wordpress Wordpress wordpress |
Wed, 27 May 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 27 May 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Missing Authorization vulnerability in DearHive DearFlip allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DearFlip: from n/a through 2.4.27. | |
| Title | WordPress DearFlip plugin <= 2.4.27 - Broken Access Control vulnerability | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-05-27T17:48:33.038Z
Reserved: 2026-05-27T08:41:55.487Z
Link: CVE-2026-49047
Updated: 2026-05-27T17:48:29.407Z
Status : Deferred
Published: 2026-05-27T15:16:33.227
Modified: 2026-06-17T10:55:27.753
Link: CVE-2026-49047
No data.
OpenCVE Enrichment
Updated: 2026-05-28T02:15:03Z