What the vulnerability does
01Description
Missing Authorization vulnerability in Barn2 Plugins Posts Table with Search & Sort posts-data-table allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Table with Search & Sort: from n/a through <= 1.4.10.
Explanation of Vulnerability in Simple Terms
02Summary
Posts Table with Search & Sort versions 1.4.10 and earlier fail to properly restrict access to sensitive data. An unauthenticated attacker can read information that should be hidden from public users. The vulnerability requires no special setup or user interaction. Site administrators should update to a version newer than 1.4.10.
What an attacker can do
03Attacker Capabilities
Read sensitive information that should be restricted to authenticated users.
Potential impact on your site
04Site Impact
Unauthorized visitors can access private or restricted post data without logging in.
Conditions required to exploit
05Prerequisites
Network access only; no authentication or user interaction required.
Key dates
06Disclosure timeline
September 3, 2025
CVE published
May 12, 2026
Record updated