GHSA-cp3w-qhjm-4333HighCVSS 7.5
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions.
🔗 CVE IDs covered (1)
📋 Description
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions.
🔗 References (3)
- https://nvd.nist.gov/vuln/detail/CVE-2026-49110
- https://patchstack.com/database/wordpress/plugin/upsell-order-bump-offer-for-woocommerce/vulnerability/wordpress-upsell-order-bump-offer-for-woocommerce-plugin-3-1-4-price-manipulation-vulnerability?_s_id=cve
- https://github.com/advisories/GHSA-cp3w-qhjm-4333