What is CVE-2026-6798?

CVE-2026-6798 is a medium-severity vulnerability in 2download Connector For 2dl Hosted Checkout, classified under Missing Authorization. CVSS score: 5.3/10. Published 2026-06-19.

How severe is CVE-2026-6798?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Auth bypass in 2download Connector For 2dl Hosted Checkout

CVE-2026-6798

The 2Download Connector for 2DL Hosted Checkout plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 0.1.5. This is due to the plugin not properly verifying that a user is authorized to perform an…

Vulnerability class: Broken Access Control

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

2download Connector For 2dl Hosted Checkout — versions 0

Weakness classification (CWE)

CWE-862 — Missing Authorization

References

security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com

Frequently asked questions

What is CVE-2026-6798?: CVE-2026-6798 is a medium-severity vulnerability in 2download Connector For 2dl Hosted Checkout, classified under Missing Authorization. CVSS score: 5.3/10. Published 2026-06-19.
How severe is CVE-2026-6798?: Medium severity. CVSS v3 base score is 5.3 out of 10.