CVE-2026-57774
Received Received - Intake

Missing Authorization in VW Food Corner

Vulnerability report for CVE-2026-57774, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-13

Last updated on: 2026-07-13

Assigner: Patchstack

Description

Missing Authorization vulnerability in vowelweb VW Food Corner vw-food-corner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Food Corner: from n/a through <= 1.1.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-13
Last Modified
2026-07-13
Generated
2026-07-13
AI Q&A
2026-07-13
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
vowelweb vw_food_corner to 1.1.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The CVE-2026-57774 vulnerability affects the WordPress VW Food Corner Theme, specifically versions 1.1.0 and earlier. It is classified as a Broken Access Control issue, meaning there is a missing authorization, authentication, or nonce token check in a function.

This flaw could allow an unauthenticated user to perform actions with higher privileges than intended, essentially bypassing security controls that should restrict access.

Impact Analysis

This vulnerability can allow unauthorized users to perform actions they should not be able to, potentially leading to unauthorized changes or disruptions on a website using the VW Food Corner Theme.

Although the severity is considered low with a CVSS score of 5.3 and exploitation is unlikely, the impact includes possible unauthorized access and limited availability issues.

Mitigation Strategies

The CVE-2026-57774 vulnerability affects the VW Food Corner WordPress theme versions 1.1.0 and earlier and is a Broken Access Control issue allowing unauthorized privilege escalation.

As of the report date, there is no official patch available for this vulnerability.

Immediate recommended actions include updating the theme if a newer patched version becomes available, or seeking assistance from your hosting provider or a web developer to implement temporary mitigations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57774. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart