{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-9185/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-09T15:13:19.602Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-9185","@id":"https://www.cve.org/CVERecord?id=CVE-2026-9185","description":"The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 2.22.0 via the `userId` parameter of the `six_storage_get_user_info` and `six_storage_update_profile` AJAX actions. This is due to the `six_storage_getUserInfo()` and `six_storage_updateProfile()` functions being registered on `wp_ajax_nopriv_*` hooks and accepting a tenant identifier directly from `$_POST['userId']` without performing any ownership veri"},"products":[{"@id":"cpe:2.3:a:sixstorage:6storage_rentals:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:sixstorage:6storage_rentals:*:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"No fixed version is published yet; monitor the upstream advisory.","timestamp":"2026-06-09T15:13:19.602Z"}]}