WordPress LatePoint plugin <= 5.2.6 - Insecure Direct Object References (IDOR) vulnerability

Description

A vulnerability labeled as critical has been found in LatePoint Plugin up to 5.2.6 on WordPress. The impacted element is an unknown function. Such manipulation leads to authorization bypass.

Affected Products

Vendor	Product	Versions
LatePoint	LatePoint	n/a

References

https://patchstack.com/database/Wordpress/Plugin/latepoint/vulnerability/wordpress-latepoint-plugin-5-2-6-insecure-direct-object-references-idor-vulnerability?_s_id=cve(vdb-entry)

Related News (1 articles)

Tier C

VulDB7h ago

CVE-2026-32533 | LatePoint Plugin up to 5.2.6 on WordPress authorization

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-639

Published3/25/2026

Last enriched6h agov2

Trending Score48

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Version History

Last enriched 6h ago

v2Tier C6h ago

Updated severity to CRITICAL, marked as actively exploited, and provided a new description with more technical detail.

severityactivelyExploiteddescription

via VulDB

v18h ago

Initial creation