CVE-2026-4896: WCFM WooCommerce IDOR Vulnerability (HIGH)
Plattform
wordpress
Komponente
wc-frontend-manager
Behoben in
6.7.26
CVE-2026-4896 is an Insecure Direct Object Reference (IDOR) vulnerability in the WCFM – Frontend Manager for WooCommerce plugin for WordPress. This vulnerability allows authenticated attackers with Vendor-level access and above to modify the status of any order, delete or modify any post/product/page. This issue is fixed in version 6.7.26.
So beheben
Update to version 6.7.26, or a newer patched version
Häufig gestellte Fragen
What is CVE-2026-4896?
CVE-2026-4896 is an Insecure Direct Object Reference (IDOR) vulnerability in the WCFM – Frontend Manager for WooCommerce plugin.
Am I affected by CVE-2026-4896?
You are affected if you are using WCFM – Frontend Manager for WooCommerce version 6.7.25 or earlier.
How can I fix CVE-2026-4896?
Upgrade your WCFM – Frontend Manager for WooCommerce plugin to version 6.7.26 or later to resolve this vulnerability.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten