CVE-2026-10753

UNKNOWN 0.0

Site Kit by Google < 1.176.0 - Editor+ Email Reporting Settings Update

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Site Kit by Google WordPress plugin before 1.176.0 does not properly restrict a REST API write endpoint to administrators, allowing lower-privileged users who have been granted dashboard sharing access (such as Editors) to modify a site-wide Site Kit by Google WordPress plugin before 1.176.0 setting that should only be modifiable by administrators.

Vendor	unknown
Product	site kit by google
Published	Jun 24, 2026

Stay Ahead of the Next One

Get instant alerts for unknown site kit by google

Be the first to know when new unknown vulnerabilities affecting unknown site kit by google are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Site Kit by Google

0 < 1.176.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/824a5c04-c7d6-4286-a499-48452db4d002/

Credits

Shashank WPScan