Improper access control in Paragraphs - CVE-2026-13240
Published: June 25, 2026
Paragraphs
Detailed vulnerability description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to the affected module does not sufficiently restrict access to unpublished library items in lists. A remote user can bypass implemented security restrictions and gain unauthorized access to sensitive information on the system.