CVE-2025-53302

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published Jun 02, 2026

Vendor unknown

Description

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5.

References

https://patchstack.com/database/wordpress/theme/constructor/vulnerability/wordpress-constructor-theme-1-6-5-broken-access-control-vulnerability?_s_id=cve