CVE-2026-5842 | decolua 9router up to 0.3.47 Administrative API Endpoint /api authorization (Issue 431)

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability marked as critical has been reported in decolua 9router up to 0.3.47. The impacted element is an unknown function of the file /api of the component Administrative API Endpoint. The manipulation leads to authorization bypass.

This vulnerability is uniquely identified as CVE-2026-5842. The attack is possible to be carried out remotely. Moreover, an exploit is present.

It is suggested to upgrade the affected component.

CVE-2026-5842 | decolua 9router up to 0.3.47 Administrative API Endpoint /api authorization (Issue 431)

Post correlati

CVE-2024-10672 | Multiple Page Generator Plugin up to 4.0.2 on WordPress path traversal

CVE-2024-44043 | 10Web Photo Gallery Plugin up to 1.8.27 on WordPress cross site scripting

CVE-2025-22365 | Eric McNiece EMC2 Alert Boxes Plugin up to 1.3 on WordPress cross site scripting

CVE-2024-31652 | Cosmetics and Beauty Product Online Store 1.0 Search cross site scripting