Skip to main content

Signature Add On For Woocommerce

1 CVEs product

Monthly

CVE-2026-52694 HIGH This Week

Unauthenticated sensitive data exposure in the Signature Add-On for WooCommerce WordPress plugin versions 2.0 and earlier allows remote attackers to retrieve protected information without credentials over the network. Reported by Patchstack and tracked as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere), the issue carries a CVSS 7.5 score driven entirely by confidentiality impact. At time of analysis there is no public exploit identified and no CISA KEV listing, but the trivial attack complexity makes opportunistic scanning plausible.

WordPress Information Disclosure Signature Add On For Woocommerce
NVD
CVSS 3.1
7.5
EPSS
0.2%
EPSS 0% CVSS 7.5
HIGH This Week

Unauthenticated sensitive data exposure in the Signature Add-On for WooCommerce WordPress plugin versions 2.0 and earlier allows remote attackers to retrieve protected information without credentials over the network. Reported by Patchstack and tracked as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere), the issue carries a CVSS 7.5 score driven entirely by confidentiality impact. At time of analysis there is no public exploit identified and no CISA KEV listing, but the trivial attack complexity makes opportunistic scanning plausible.

WordPress Information Disclosure Signature Add On For Woocommerce
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy