Detection Guidance

This vulnerability affects the discourse-subscriptions plugin in Discourse versions prior to 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. Detection involves verifying the installed Discourse version and whether the vulnerable plugin is enabled.

To detect if your system is vulnerable, check the Discourse version and the status of the discourse-subscriptions plugin. If the version is older than the patched releases and the plugin is enabled, your system may be vulnerable.

Specific commands to check the Discourse version and plugin status depend on your deployment method, but generally you can:

• Access the Discourse admin panel and check the version number under 'About' or 'Updates'.
• Check the plugin list in the Discourse admin interface to see if discourse-subscriptions is enabled.
• If you have shell access to the server, you can check the version by running commands like `cd /var/discourse && git show -s --format=%ci HEAD` to see the current commit date, or `grep discourse-subscriptions plugins/*.rb` to verify plugin presence.

No specific network detection commands or signatures are provided for this vulnerability, as exploitation requires user interaction and network access but does not produce distinct network indicators.

Useful 0 Not Useful 0

Executive Summary

This vulnerability exists in the discourse-subscriptions plugin for the Discourse platform. It allows users to gain unauthorized access to subscription-gated groups without completing the required payment.

The issue affects versions prior to 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1 and has been fixed in these versions.

Exploitation requires network access, high attack complexity, and active user interaction, but no special privileges are needed.

Useful 0 Not Useful 0

Impact Analysis

The vulnerability allows unauthorized users to access subscription-gated groups without paying, potentially bypassing payment controls.

However, the severity is classified as low with a CVSS score of 2.1, indicating limited impact on confidentiality, integrity, or availability.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability immediately, you can disable the discourse-subscriptions plugin until you apply the patched versions.

The vulnerability has been fixed in Discourse versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1, so updating to one of these versions is recommended.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows unauthorized users to access subscription-gated groups without payment, which could potentially lead to unauthorized access to restricted content.

However, the severity is classified as low with a CVSS score of 2.1, indicating limited impact on confidentiality, integrity, or availability.

There is no specific information provided about direct impacts on compliance with standards such as GDPR or HIPAA.

Useful 0 Not Useful 0