Skip to main content

Datalogics Ecommerce Delivery

1 CVEs product

Monthly

CVE-2026-39583 CRITICAL Act Now

Unauthenticated privilege escalation in the Datalogics Ecommerce Delivery WordPress plugin (versions ≤ 2.6.62) allows remote attackers to gain elevated privileges on affected WordPress sites without any credentials or user interaction. The flaw, tracked by Patchstack and assigned a CVSS 9.8, enables full compromise of site integrity and confidentiality; no public exploit identified at time of analysis, but the network-reachable, no-auth nature makes opportunistic exploitation likely once details circulate.

Privilege Escalation Datalogics Ecommerce Delivery
NVD
CVSS 3.1
9.8
EPSS
0.4%
EPSS 0% CVSS 9.8
CRITICAL Act Now

Unauthenticated privilege escalation in the Datalogics Ecommerce Delivery WordPress plugin (versions ≤ 2.6.62) allows remote attackers to gain elevated privileges on affected WordPress sites without any credentials or user interaction. The flaw, tracked by Patchstack and assigned a CVSS 9.8, enables full compromise of site integrity and confidentiality; no public exploit identified at time of analysis, but the network-reachable, no-auth nature makes opportunistic exploitation likely once details circulate.

Privilege Escalation Datalogics Ecommerce Delivery
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy