WordPress LatePoint plugin <= 5.2.6 - Insecure Direct Object References (IDOR) vulnerability

Description

A vulnerability labeled as critical has been found in LatePoint Plugin up to 5.2.6 on WordPress. The impacted element is an unknown function. Such manipulation leads to authorization bypass.

Affected Products

Vendor	Product	Versions
LatePoint	LatePoint	n/a

References

https://patchstack.com/database/Wordpress/Plugin/latepoint/vulnerability/wordpress-latepoint-plugin-5-2-6-insecure-direct-object-references-idor-vulnerability?_s_id=cve(vdb-entry)

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2026-32533 | LatePoint Plugin up to 5.2.6 on WordPress authorization

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-639

Published3/25/2026

Last enriched4h agov2

Trending Score49

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Version History

Last enriched 4h ago

v2Tier C4h ago

Updated severity to CRITICAL, marked as actively exploited, and provided a new description with more technical detail.

severityactivelyExploiteddescription

via VulDB

v15h ago

Initial creation