Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions.
Project Subscriptions
Advisories
No advisories yet.
Fixes
Solution
Update the WordPress Kirki Plugin to the latest available version (at least 6.0.12).
Workaround
No workaround given by the vendor.
References
History
Thu, 02 Jul 2026 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Themeum
Themeum kirki Wordpress Wordpress wordpress |
|
| Vendors & Products |
Themeum
Themeum kirki Wordpress Wordpress wordpress |
Thu, 02 Jul 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions. | |
| Title | WordPress Kirki plugin <= 6.0.11 - Insecure Direct Object References (IDOR) vulnerability | |
| Weaknesses | CWE-639 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-02T11:27:11.468Z
Reserved: 2026-06-25T08:03:42.567Z
Link: CVE-2026-57680
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-02T13:30:05Z
Weaknesses