What the vulnerability does
01Description
Missing Authorization vulnerability in ArtistScope CopySafe Web Protection wp-copysafe-web allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CopySafe Web Protection: from n/a through <= 5.1.
Explanation of Vulnerability in Simple Terms
02Summary
CopySafe Web Protection versions 5.1 and earlier lack proper authorization checks, allowing authenticated users to modify or disable protection settings they should not have access to. An attacker with low-level account access can alter integrity-critical configurations or disable availability controls. No confidentiality breach occurs. The vulnerability requires valid login credentials to exploit.
What an attacker can do
03Attacker Capabilities
Modify or disable web protection settings without proper authorization.
Potential impact on your site
04Site Impact
Authenticated users can bypass or weaken your site's protection controls.
Conditions required to exploit
05Prerequisites
Attacker must have a valid low-privilege account on the site.
Key dates
06Disclosure timeline
September 26, 2025
CVE published
April 28, 2026
Record updated