Primary

Context

UiPress UiPress Lite Missing Authorization Vulnerability Allowing Access Control Bypass

Vulnerability

A missing authorization vulnerability has been identified in the UiPress Lite WordPress plugin, affecting versions through 3.5.09. This vulnerability arises from incorrectly configured access control security levels, which can be exploited to perform actions reserved for higher privileged users.

Impact

Exploitation of this vulnerability allows for broken access control, enabling users to perform actions without the necessary permissions.

Remediation

Users are advised to update the UiPress Lite plugin to the latest version. If an update is not possible, consult with your hosting provider or web developer for assistance.

Added: Mar 19, 2026, 7:23 AM

Updated: Mar 19, 2026, 7:23 AM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

0.6

exploitability

5.4

remediation

7.9

relevance

4.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

0.6

exploitability

5.4

remediation

7.9

relevance

4.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

UiPress UiPress Lite Missing Authorization Vulnerability Allowing Access Control Bypass

Vulnerability

Impact

Remediation

Affected Products

UiPress UiPress lite

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating