CVE-2026-33074 MEDIUM

CVE-2026-33074: Discourse: Vulnerability in discourse-subscriptions plugin allowing users to self-grant to higher tier subscriptions

Vendor Discourse
Product discourse
Weakness CWE-269
Published March 31, 2026
Last update March 31, 2026
View on NVD All CVEs

CVSS base score

6.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, a user may be able to purchase a lower tier subscription but grant themselves the benefits that comes along with a higher tier subscription. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0.

Key dates

02Disclosure timeline

March 31, 2026 CVE published
March 31, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-41954 WordPress ProfilePress plugin <= 4.13.1 - Unauthenticated Limited Privilege Escalation vulnerability CVE-2026-31834 Umbraco Affected by Vertical Privilege Escalation via Missing Authorization Checks CVE-2024-8533 Rockwell Automation OptixPanel™ Privilege Escalation Vulnerability via File Permissions CVE-2024-28241 GlPI-Agent MSI package installation doesn't update folder security profile when using non default installation folder CVE-2023-3467