Title: Broken access control – plugin vulnerability
Last modified: May 28, 2026

---

# Broken access control – plugin vulnerability

 *  Resolved [kristynakadlecova](https://wordpress.org/support/users/kristynakadlecova/)
 * (@kristynakadlecova)
 * [2 weeks, 4 days ago](https://wordpress.org/support/topic/broken-access-control-plugin-vulnerability-2/)
 * Hi there,
   In version 2.5.14 our Patchstack monitoring service revealed a vulnerability:
   Broken Access ControlA broken access control issue refers to a missing authorization,
   authentication or nonce token check in a function that could lead to an unprivileged
   user to executing a certain higher privileged action.Can you fix that, please?
   Thanks in advance

Viewing 1 replies (of 1 total)

 *  Plugin Author [Benbodhi](https://wordpress.org/support/users/benbodhi/)
 * (@benbodhi)
 * [2 weeks, 2 days ago](https://wordpress.org/support/topic/broken-access-control-plugin-vulnerability-2/#post-18923644)
 * Fixed in 2.5.15

Viewing 1 replies (of 1 total)

You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fbroken-access-control-plugin-vulnerability-2%2F%3Foutput_format%3Dmd&locale=en_US)
to reply to this topic.

 * ![](https://ps.w.org/svg-support/assets/icon.svg?rev=3554681)
 * [SVG Support](https://wordpress.org/plugins/svg-support/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/svg-support/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/svg-support/)
 * [Active Topics](https://wordpress.org/support/plugin/svg-support/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/svg-support/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/svg-support/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Benbodhi](https://wordpress.org/support/users/benbodhi/)
 * Last activity: [2 weeks, 2 days ago](https://wordpress.org/support/topic/broken-access-control-plugin-vulnerability-2/#post-18923644)
 * Status: resolved