What the vulnerability does
01Description
Missing Authorization vulnerability in wprio Table Block by RioVizual riovizual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Table Block by RioVizual: from n/a through <= 3.0.0.
Explanation of Vulnerability in Simple Terms
02Summary
Table Block by RioVizual versions 3.0.0 and earlier lack proper authorization checks, allowing authenticated users to modify table data they should not have access to. An attacker with low-privilege WordPress account access can alter tables without appropriate permission validation. The vulnerability affects data integrity but not confidentiality or availability.
What an attacker can do
03Attacker Capabilities
Modify table data in the plugin without proper authorization checks.
Potential impact on your site
04Site Impact
Authenticated users can alter table content beyond their intended permissions, risking data corruption or unauthorized edits.
Conditions required to exploit
05Prerequisites
Attacker must have a low-privilege WordPress user account (e.g., Contributor or Author role).
Key dates
06Disclosure timeline
October 27, 2025
CVE published
April 28, 2026
Record updated