Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions.
Project Subscriptions
No data.
Advisories
No advisories yet.
Fixes
Solution
Update the WordPress Kirki Plugin to the latest available version (at least 6.0.12).
Workaround
No workaround given by the vendor.
References
History
Thu, 02 Jul 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions. | |
| Title | WordPress Kirki plugin <= 6.0.11 - Insecure Direct Object References (IDOR) vulnerability | |
| Weaknesses | CWE-639 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-02T11:27:11.468Z
Reserved: 2026-06-25T08:03:42.567Z
Link: CVE-2026-57680
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses