CVE-2026-54817

MEDIUM NVD

CVSS Score 6.5

Severity MEDIUM

Published Jun 17, 2026

Vendor unknown

Description

Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4.

References

https://patchstack.com/database/wordpress/plugin/mstore-api/vulnerability/wordpress-mstore-api-plugin-4-18-4-broken-authentication-vulnerability?_s_id=cve