Skip to main content

Email Marketing For Woocommerce By Omnisend

1 CVEs product

Monthly

CVE-2026-42668 HIGH This Week

Information disclosure in the Email Marketing for WooCommerce by Omnisend WordPress plugin versions 1.18.0 and earlier allows unauthenticated remote attackers to bypass authentication controls and access protected data. The flaw is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) and carries CVSS 7.5 driven entirely by confidentiality impact. No public exploit identified at time of analysis, and the issue is not on CISA KEV.

WordPress Information Disclosure Email Marketing For Woocommerce By Omnisend
NVD
CVSS 3.1
7.5
EPSS
0.5%
EPSS 1% CVSS 7.5
HIGH This Week

Information disclosure in the Email Marketing for WooCommerce by Omnisend WordPress plugin versions 1.18.0 and earlier allows unauthenticated remote attackers to bypass authentication controls and access protected data. The flaw is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) and carries CVSS 7.5 driven entirely by confidentiality impact. No public exploit identified at time of analysis, and the issue is not on CISA KEV.

WordPress Information Disclosure Email Marketing For Woocommerce By Omnisend
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy