CVE Alert & Security Feed

Stats Digest Feeds

← Back to all CVEs

CVE-2026-49110

HIGH NVD

CVSS Score 7.5

Severity HIGH

Published Jun 15, 2026

Vendor unknown

Description

Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions.

References

https://patchstack.com/database/wordpress/plugin/upsell-order-bump-offer-for-woocommerce/vulnerability/wordpress-upsell-order-bump-offer-for-woocommerce-plugin-3-1-4-price-manipulation-vulnerability?_s_id=cve