CVE-2026-42674

HIGH NVD

CVSS Score 7.5

Severity HIGH

Published Jun 01, 2026

Vendor unknown

Description

Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL Encoding. This issue affects Advanced Access Manager: from n/a through 7.1.0.

References

https://patchstack.com/database/wordpress/plugin/advanced-access-manager/vulnerability/wordpress-advanced-access-manager-plugin-7-1-0-bypass-vulnerability-vulnerability?_s_id=cve