CVE-2026-57727
Received Received - Intake

Missing Authorization in Themeum Kirki Plugin

Vulnerability report for CVE-2026-57727, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-13

Last updated on: 2026-07-13

Assigner: Patchstack

Description

Missing Authorization vulnerability in Themeum Kirki kirki allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kirki: from n/a through <= 6.0.13.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-13
Last Modified
2026-07-13
Generated
2026-07-13
AI Q&A
2026-07-13
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
themeum kirki From 6.0.0 (inc) to 6.0.13 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-57727 is a Missing Authorization vulnerability in the WordPress Kirki Plugin (versions 6.0.13 and below). It is a Broken Access Control issue that allows unauthenticated users to perform privileged actions because of missing authorization, authentication, or nonce token checks.

This means that attackers can exploit incorrectly configured access control security levels to gain unauthorized access or perform actions they should not be able to do.

Impact Analysis

This vulnerability can have a significant impact as it allows unauthenticated attackers to perform privileged actions on affected websites using the Kirki plugin.

Because the vulnerability is highly dangerous and likely to be exploited in mass campaigns targeting thousands of websites, it can lead to unauthorized changes, potential website compromise, and loss of control over site functionality.

There is no official patch available yet, so immediate mitigation steps such as applying Patchstack's mitigation rule, updating the plugin when possible, or seeking help from a hosting provider or developer are recommended.

Detection Guidance

The vulnerability allows unauthenticated users to perform privileged actions due to missing authorization checks in the WordPress Kirki Plugin versions 6.0.13 and below.

Detection can involve monitoring for unusual or unauthorized access attempts to Kirki plugin endpoints or actions, especially those that should require authentication.

Since no official patch is available, and no specific detection commands are provided, it is recommended to check web server logs for suspicious requests targeting Kirki plugin URLs or parameters.

Example commands to review logs might include:

  • grep -i kirki /var/log/apache2/access.log
  • grep -i kirki /var/log/nginx/access.log
  • tail -f /var/log/apache2/access.log | grep kirki
  • Use intrusion detection systems or web application firewalls to alert on unauthorized access attempts to Kirki plugin endpoints.
Mitigation Strategies

Immediate mitigation steps include updating the Kirki plugin to a version above 6.0.13 once available.

Since no official patch is currently available, applying the mitigation rule provided by Patchstack to block attacks is recommended.

Other recommended actions include seeking assistance from your hosting provider or a developer to implement temporary access controls or firewall rules to block unauthorized access.

Monitoring for suspicious activity and restricting access to the plugin's functionality until a fix is released can reduce risk.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57727. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart