Bear Bulk Editor And Products Manager Professional For Woocommerce By Pluginus Net
CVE-2026-1672
|
EUVD-2026-20439
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Primary rating from Vendor (Wordfence) · only source for this CVE.
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Lifecycle Timeline
3DescriptionCVE.org
The BEAR - Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the woobe_redraw_table_row() function. This makes it possible for unauthenticated attackers to update WooCommerce product data including prices, descriptions, and other product fields via a forged request granted they can trick a site administrator or shop manager into performing an action such as clicking on a link.
AnalysisAI
Cross-Site Request Forgery in BEAR - Bulk Editor and Products Manager Professional for WooCommerce (all versions up to 1.1.5) allows unauthenticated attackers to modify WooCommerce product data including prices, descriptions, and other fields by tricking administrators or shop managers into clicking a malicious link, due to missing nonce validation in the woobe_redraw_table_row() function. CVSS 6.5 reflects the high integrity impact; no public exploit code or active exploitation has been confirmed at analysis time.
Technical ContextAI
This vulnerability is a classic Cross-Site Request Forgery (CWE-352) affecting a WordPress plugin that extends WooCommerce functionality. The woobe_redraw_table_row() function processes product data updates without implementing WordPress nonce validation, which is the standard CSRF protection mechanism in the WordPress ecosystem. WordPress nonces are cryptographic tokens tied to the current user session and action context; their absence allows an attacker to forge requests on behalf of a victim. The vulnerability requires user interaction (UI:R in CVSS) because the victim (typically an administrator or shop manager with elevated privileges) must be socially engineered into visiting an attacker-controlled page or clicking a malicious link. The CPE identifies this as plugin version 1.1.5 and earlier from the vendor realmag777, distributed through the WordPress plugin repository.
RemediationAI
Update the BEAR - Bulk Editor and Products Manager Professional for WooCommerce plugin to a patched version released after 1.1.5. WordPress plugin repository changesets at https://plugins.trac.wordpress.org/changeset/3457263/ and https://plugins.trac.wordpress.org/changeset/3465138/ indicate patch commits; administrators should update through the WordPress plugin dashboard to the latest available version. If an update is not yet available in the WordPress repository, verify the plugin version against the official plugin page and check for security advisories from Wordfence at https://www.wordfence.com/threat-intel/vulnerabilities/id/bc3b5faa-1a29-4fa7-9146-d782adce0b1f?source=cve. As a temporary mitigation, restrict access to WooCommerce product management pages to trusted networks or implement Web Application Firewall (WAF) rules to block suspicious CSRF patterns; however, patching is the primary remediation.
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-fx2j-23gp-92rg