This vulnerability involves missing authorization checks in the Passionate Brains Add Expires Headers & Optimized Minify plugin (version ≤ 3.2.0). It allows unauthorized users to exploit improperly configured access control mechanisms, potentially leading to denial of service or availability impact. The CVSS 3.1 base score is 5.3, reflecting network attack vector, low attack complexity, no privileges required, no user interaction, and an impact limited to availability loss. No patch or vendor advisory is currently provided, and no exploits are known in the wild.

The vulnerability can be exploited remotely without authentication or user interaction, potentially causing availability issues in the affected plugin. There is no impact on confidentiality or integrity. No known active exploitation has been reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, review and tighten access control configurations related to the plugin to prevent unauthorized access. Monitor vendor channels for updates or patches addressing this vulnerability.