Description
Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
Vendor Solution
Update the WordPress Kirki Plugin to the latest available version (at least 6.0.12).
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Thu, 02 Jul 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions. | |
| Title | WordPress Kirki plugin <= 6.0.11 - Insecure Direct Object References (IDOR) vulnerability | |
| Weaknesses | CWE-639 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-02T11:27:11.468Z
Reserved: 2026-06-25T08:03:42.567Z
Link: CVE-2026-57680
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses