๐Ÿ” CVE Alert

CVE-2026-39705

MEDIUM 5.3

WordPress MIPL WC Multisite Sync plugin <= 1.4.4 - Broken Access Control vulnerability

CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
4th

Missing Authorization vulnerability in Mulika Team MIPL WC Multisite Sync mipl-wc-multisite-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MIPL WC Multisite Sync: from n/a through <= 1.4.4.

CWE CWE-862
Vendor mulika team
Product mipl wc multisite sync
Published Apr 8, 2026
Last Updated Apr 13, 2026
Stay Ahead of the Next One

Get instant alerts for mulika team mipl wc multisite sync

Be the first to know when new medium vulnerabilities affecting mulika team mipl wc multisite sync are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Mulika Team / MIPL WC Multisite Sync
0 โ‰ค 1.4.4

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/mipl-wc-multisite-sync/vulnerability/wordpress-mipl-wc-multisite-sync-plugin-1-4-4-broken-access-control-vulnerability?_s_id=cve

Credits

Legion Hunter | Patchstack Bug Bounty Program