Skip to main content

Signature Add-On for WooCommerce CVE-2026-52694

| EUVDEUVD-2026-36901 HIGH
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497)
2026-06-15 Patchstack GHSA-rhrc-9gjf-fhp7
7.5
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
7.5 HIGH

Unauthenticated network request to a WordPress plugin endpoint discloses stored signature/PII data with no user interaction and no integrity or availability impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Jun 15, 2026 - 21:26 vuln.today
CVE Published
Jun 15, 2026 - 20:19 cve.org
HIGH 7.5

DescriptionCVE.org

Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce <= 2.0 versions.

AnalysisAI

Unauthenticated sensitive data exposure in the Signature Add-On for WooCommerce WordPress plugin versions 2.0 and earlier allows remote attackers to retrieve protected information without credentials over the network. Reported by Patchstack and tracked as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere), the issue carries a CVSS 7.5 score driven entirely by confidentiality impact. At time of analysis there is no public exploit identified and no CISA KEV listing, but the trivial attack complexity makes opportunistic scanning plausible.

Technical ContextAI

The affected component is the Signature Add-On for WooCommerce, a third-party WordPress plugin (CPE cpe:2.3:a:wp_e-signature:signature_add-on_for_woocommerce) that extends WooCommerce checkout/order flows with digital-signature capture, typically used to collect customer signatures on orders, contracts, or terms acceptance. CWE-497 covers the exposure of sensitive system or application data to actors who should not have access - in WordPress plugin contexts this commonly manifests as unprotected REST or admin-ajax endpoints, world-readable upload paths storing signature images/PDFs, or debug/diagnostic output that leaks configuration, file paths, or stored customer data. Because signatures are inherently tied to identity and order data, the exposed material is likely to include personally identifiable information collected at the WooCommerce checkout stage.

RemediationAI

No vendor-released patch version is independently confirmed in the supplied data - the Patchstack advisory describes the vulnerable range as '<= 2.0' but does not name a fixed release, so the most specific actionable status is 'patch availability not confirmed at time of analysis; consult the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/woocommerce-digital-signature/vulnerability/wordpress-signature-add-on-for-woocommerce-plugin-2-0-sensitive-data-exposure-vulnerability for the latest fixed version.' Operators should upgrade to any post-2.0 release published by the wp_e-signature vendor as soon as one is verified, and in the interim either deactivate and remove the Signature Add-On for WooCommerce plugin (the safest control, at the cost of losing in-checkout signature capture), or place a WAF/virtual-patching rule (Patchstack, Wordfence, or equivalent) in front of the WordPress site to block requests to the plugin's endpoints and restrict access to wp-content/uploads paths that may store signature artifacts. Avoid relying solely on .htaccess deny rules for the uploads directory because legitimate WooCommerce assets are often served from the same tree, which can break order receipts and emails.

Share

CVE-2026-52694 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy