WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability

Description

Subscriber Broken Access Control in Really Simple SSL <= 9.5.9 versions.

Vendor	Product	Versions
really simple plugins b.v.	really simple ssl	n/a

Tier C

VulDB7h ago

→ No new info (linked only)

CVSS 3.16.5 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CISA KEV✅ Yes

Actively exploited✅ Yes

CWECWE-862

PublishedJun 15, 2026

Last enriched6h agov2

Trending Score96

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

0 upvotes0 downvotes

Last enriched 6h ago

v2Tier C6h ago

Updated severity to CRITICAL and marked the vulnerability as actively exploited.

severityactivelyExploited

via VulDB

v17h ago

Initial creation