CVE-2026-57429
Deferred Deferred - Pending Action

Contributor Broken Access Control in Slim SEO

Vulnerability report for CVE-2026-57429, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: Patchstack

Description

Contributor Broken Access Control in Slim SEO <= 4.6.2 versions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-07-15
AI Q&A
2026-06-25
EPSS Evaluated
2026-07-14
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
rankmath slim_seo to 4.6.2 (inc)
rankmath slim_seo From 4.6.2 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The provided information does not specify how the Broken Access Control vulnerability in Slim SEO versions 4.6.2 and earlier impacts compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-57429 is a Broken Access Control vulnerability found in the WordPress Slim SEO Plugin versions 4.6.2 and earlier.

This security flaw allows unprivileged users to perform actions that normally require higher privileges because of missing authorization, authentication, or nonce token checks.

Essentially, it means that users without proper permissions can exploit the plugin to carry out restricted operations.

Impact Analysis

The vulnerability can be exploited by attackers to perform unauthorized actions on websites using the affected Slim SEO plugin versions.

This could lead to unauthorized changes or manipulations within the website's SEO settings or other plugin-related functions.

Attackers could launch mass campaigns targeting thousands of websites regardless of their size or popularity.

The impact is considered low severity with a CVSS score of 6.5, but it still poses a significant risk if left unpatched.

Immediate updating to version 4.7.0 or later is recommended to mitigate this risk.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to update the Slim SEO WordPress plugin to version 4.7.0 or later.

If you are unable to update the plugin yourself, seek assistance from your hosting provider or a developer.

Users of Patchstack can enable auto-updates for vulnerable plugins to ensure timely patching.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57429. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart