Ghostwire
Home / Vulnerabilities / CVE-2026-40742

CVE-2026-40742: Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly...

HIGH CVSS 7.5 EPSS 0.02%

Published: April 15, 2026 | Last Modified: April 15, 2026

Description

Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio AB Testing: from n/a through

Ghostwire Analysis — What This Means Practically

Exploitation Probability (EPSS): Low — 0.02% (4th percentile)

Low exploitation probability based on current threat landscape data. Standard patching timeline is appropriate.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

CVE Feed
CVE-2026-40742 - WordPress Nelio AB Testing plugin <= 8.2.8 - Sensitive Data Exposure vulnerability

References