CVE-2026-39714: WordPress G5Plus April theme <= 6.8 - Broken Access Control vulnerability

Q: What is the severity of CVE-2026-39714?

The severity of CVE-2026-39714 is medium, with a CVSS score of 5.3.

Q: How do I fix CVE-2026-39714?

To fix CVE-2026-39714, update the G5Plus April theme to a version greater than 6.8.

Q: What type of vulnerability is CVE-2026-39714?

CVE-2026-39714 is a Broken Access Control vulnerability due to missing authorization checks.

Q: What software is affected by CVE-2026-39714?

CVE-2026-39714 affects the G5Theme G5Plus April theme in versions from n/a through 6.8.

Q: When was CVE-2026-39714 published?

CVE-2026-39714 was published on April 8, 2026.

Published Apr 8, 2026

Updated

Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects G5Plus April: from n/a through <= 6.8.

Affected Software

1 affected component

G5Theme G5Plus April<=6.8

Event History

Apr 8, 2026

CVE Published

via MITRE·08:30 AM

Data Sourced

via MITRE·08:30 AM

DescriptionSeverityWeakness

Data Sourced

via NVD·09:16 AM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2026-39714?

The severity of CVE-2026-39714 is medium, with a CVSS score of 5.3.

How do I fix CVE-2026-39714?

To fix CVE-2026-39714, update the G5Plus April theme to a version greater than 6.8.

What type of vulnerability is CVE-2026-39714?

CVE-2026-39714 is a Broken Access Control vulnerability due to missing authorization checks.

What software is affected by CVE-2026-39714?

CVE-2026-39714 affects the G5Theme G5Plus April theme in versions from n/a through 6.8.

When was CVE-2026-39714 published?