CVE-2026-1141: Improper Authorization in PHPGurukul News Portal
A vulnerability was identified in PHPGurukul News Portal 1.0. It affects an unknown function in the file /admin/add-subadmins.php of the Add Sub-Admin Page component. Manipulating it leads to improper authorization. The attack can be launched remotely. The exploit is publicly available and might be used.
AI Analysis
Technical Summary
CVE-2026-1141 identifies an improper authorization vulnerability in PHPGurukul News Portal version 1.0, located in the /admin/add-subadmins.php file, which handles the addition of sub-admin users. The vulnerability arises from insufficient authorization checks, allowing attackers with limited privileges to remotely execute unauthorized actions to add sub-admin accounts. The attack vector requires no user interaction and no elevated privileges beyond limited access, making it relatively easy to exploit remotely. The vulnerability impacts the confidentiality and integrity of the system by enabling unauthorized administrative access, which could lead to further compromise of the portal and potentially the underlying server. The CVSS 4.0 score of 5.3 reflects a medium severity, considering the network attack vector, low complexity, no authentication required beyond limited privileges, and no user interaction. No patches or vendor fixes are currently listed, and no known exploits are reported in the wild, but public exploit code exists, increasing the risk of exploitation. The vulnerability is specific to version 1.0 of the PHPGurukul News Portal, a niche content management system, limiting the scope but still posing a significant risk to affected deployments.
Potential Impact
For European organizations using PHPGurukul News Portal 1.0, this vulnerability could lead to unauthorized creation of sub-admin accounts, resulting in privilege escalation and potential full administrative control over the news portal. This could compromise the confidentiality of sensitive editorial content, integrity of published news, and availability if attackers disrupt operations or deface the portal. Media organizations, government agencies, and enterprises relying on this software for public communication are at risk of reputational damage and operational disruption. Additionally, unauthorized administrative access could be leveraged to pivot to other internal systems if the portal is integrated within a larger network. The medium severity rating indicates a moderate risk, but the presence of publicly available exploits increases the urgency for mitigation. The impact is heightened in sectors where news integrity and timely communication are critical, such as public broadcasters and governmental information services in Europe.
Mitigation Recommendations
1. Immediately restrict access to the /admin/add-subadmins.php page using network-level controls such as IP whitelisting or VPN-only access to limit exposure.
2. Implement strict role-based access control (RBAC) within the portal to ensure only fully trusted administrators can access sub-admin management functions.
3. Monitor logs for unusual activity related to sub-admin account creation or access attempts to detect exploitation attempts early.
4. If possible, upgrade to a newer, patched version of PHPGurukul News Portal or migrate to a more widely supported CMS with active security maintenance.
5. Apply web application firewall (WAF) rules to detect and block unauthorized attempts to access or manipulate the vulnerable endpoint.
6. Conduct a thorough security review of all administrative functions to identify and remediate similar authorization weaknesses.
7. Educate administrators about the risk and ensure strong authentication methods are enforced to reduce the risk of credential compromise.
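One way to carry out the log monitoring in recommendation 3, as an added example that is not part of the advisory or of the PHPGurukul code base: a triage pass over web server access logs that ranks requests to /admin/add-subadmins.php by source network and outcome. The combined log format, the `ADMIN_NETS` management range and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re

ENDPOINT = "/admin/add-subadmins.php"  # path named in the advisory
# Assumption: the management network(s) allowed to reach the admin area.
ADMIN_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Apache/nginx "combined" format: ip ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def is_trusted(ip_text, admin_nets):
    try:
        src = ipaddress.ip_address(ip_text)
    except ValueError:  # hostname or malformed field: treat as untrusted
        return False
    return any(src in net for net in admin_nets)

def triage(lines, admin_nets=ADMIN_NETS):
    """Return one finding per noteworthy request to the sub-admin endpoint."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        if not m["path"].split("?", 1)[0].lower().startswith(ENDPOINT):
            continue
        trusted = is_trusted(m["ip"], admin_nets)
        # A POST answered with 2xx/3xx is a form submission the application accepted.
        accepted_post = m["method"] == "POST" and 200 <= int(m["status"]) < 400
        if accepted_post:
            # Trusted source: reconcile with change records. Otherwise escalate.
            severity = "review" if trusted else "high"
        elif trusted:
            continue  # routine page view from the management network
        else:
            severity = "low"  # endpoint reached or probed from outside
        findings.append({"severity": severity, "ip": m["ip"], "time": m["ts"],
                         "method": m["method"], "status": int(m["status"])})
    return findings

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '10.20.0.5 - - [19/Jan/2026:09:14:02 +0000] "GET /admin/add-subadmins.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '10.20.0.5 - - [19/Jan/2026:09:14:40 +0000] "POST /admin/add-subadmins.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.44 - - [19/Jan/2026:23:51:17 +0000] "POST /admin/add-subadmins.php HTTP/1.1" 200 5301 "-" "python-requests/2.31"',
    '198.51.100.7 - - [20/Jan/2026:01:02:03 +0000] "GET /admin/add-subadmins.php HTTP/1.1" 302 0 "-" "curl/8.5.0"',
    '198.51.100.7 - - [20/Jan/2026:01:02:09 +0000] "GET /index.php HTTP/1.1" 200 18422 "-" "curl/8.5.0"',
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Each "high" or "review" finding should be matched against the accounts actually present in the portal's sub-admin list, since the access log shows that a submission was accepted but not which account it created.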
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Poland
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-01-18T07:36:36.414Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 696dcea5d302b072d96ebb61
Added to database: 1/19/2026, 6:26:45 AM
Last enriched: 1/26/2026, 7:50:19 PM
Last updated: 2/7/2026, 3:34:38 AM