{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30452", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-22T15:35:46.859Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-04-21T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-21T16:32:19.608Z"}, "descriptions": [{"lang": "en", "value": "Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in textpattern/include/txp_article.php, an attacker can bypass authorization checks and overwrite content belonging to other users."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/textpattern/textpattern"}, {"url": "https://textpattern.com/weblog/textpattern-491-released-security-fixes-patches-and-tweaks"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-22T13:56:20.608956Z", "id": "CVE-2026-30452", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T15:35:46.859Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/textpattern/textpattern"}, {"url": "https://textpattern.com/weblog/textpattern-491-released-security-fixes-patches-and-tweaks"}], "descriptions": [{"lang": "en", "value": "Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in textpattern/include/txp_article.php, an attacker can bypass authorization checks and overwrite content belonging to other users."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-21T16:32:19.608Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30452", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-22T13:56:20.608956Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-04-22T14:11:33.472Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-30452", "state": "PUBLISHED", "dateUpdated": "2026-04-21T16:32:19.608Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-21T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:textpattern:textpattern:4.9.0:-:*:*:*:*:*:*", "matchCriteriaId": "E401C6DA-6708-4F7E-B6F6-54718AF3A18E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in textpattern/include/txp_article.php, an attacker can bypass authorization checks and overwrite content belonging to other users."}], "id": "CVE-2026-30452", "lastModified": "2026-05-13T15:18:25.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-21T17:16:36.303", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/textpattern/textpattern"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://textpattern.com/weblog/textpattern-491-released-security-fixes-patches-and-tweaks"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "4.9.0"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "textpattern", "vendor": "textpattern"}], "analysis": {"en": {"generated_at": "2026-04-22T19:47:55.652772+00:00", "value": {"mitigation_remediation": ["Apply the official patch released in Textpattern CMS 4.9.1 or later to fix the broken access control issue.", "If a patch is not immediately deployable, restrict duplicate-and-save functionality for low-privilege user groups using the CMS permission settings to block the ability to manipulate article IDs.", "Configure your web server to restrict direct access to txp_article.php or use URL rewriting rules to prevent unauthenticated manipulation of article identifiers."], "summary": {"action": "Patch immediately", "impact": "Unauthorized modification of content owned by higher\u2011privilege users via broken access control"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Textpattern CMS version 4.9.0 and potentially earlier releases that have not applied the patch included in the 4.9.1 security release. It specifically targets the article management subsystem located in txp_article.php and the duplicate-and-save operation exposed to authenticated users.", "description_and_impact": "Textpattern CMS 4.9.0 contains a broken access control flaw that enables authenticated users with low privileges to alter articles belonging to users with higher privileges. The vulnerability arises when the article ID parameter is manipulated during the duplicate-and-save workflow in txp_article.php, allowing an attacker to bypass authorization checks and overwrite target content. This flaw can be leveraged to tamper with confidential or strategically important articles, impacting the integrity of published material and potentially leading to misinformation or loss of trust.", "risk_and_exploitability": "EPSS score is less than 1% and the vulnerability is not listed in CISA KEV. With a CVSS score of 6.5, the flaw enables privilege escalation within the CMS, allowing authenticated users to overwrite content owned by higher-privilege users. The attack vector is an authenticated user manipulating the article ID parameter during the duplicate-and-save workflow. The medium severity combined with the ability to compromise content integrity indicates a significant risk that warrants prompt mitigation."}}}}, "created": "2026-04-21T17:30:37.395889+00:00", "title": "Authenticated Users Can Bypass Access Control to Alter Higher-Privilege Articles in Textpattern CMS 4.9.0", "updated": "2026-04-22T20:00:08.811953+00:00", "vendors": ["textpattern", "textpattern$PRODUCT$textpattern"]}