Skip to main content

Woocommerce Bulk Edit Products Wp Sheet Editor

1 CVEs product

Monthly

CVE-2026-61952 MEDIUM This Month

Missing authorization in WooCommerce Bulk Edit Products - WP Sheet Editor (versions up to and including 1.8.21) permits authenticated high-privilege users to exploit incorrectly configured access control security levels, resulting in unauthorized bulk modification of WooCommerce product data. The vulnerability stems from CWE-862 (Missing Authorization), where the plugin fails to enforce proper capability checks before executing privileged bulk-edit operations via the network. No public exploit code exists and this CVE is not listed in the CISA KEV catalog at time of analysis, though the integrity-only impact and high-privilege requirement constrain the realistic attack surface.

Authentication Bypass WordPress Woocommerce Bulk Edit Products Wp Sheet Editor
NVD
CVSS 3.1
4.9
EPSS
0.3%
EPSS 0% CVSS 4.9
MEDIUM This Month

Missing authorization in WooCommerce Bulk Edit Products - WP Sheet Editor (versions up to and including 1.8.21) permits authenticated high-privilege users to exploit incorrectly configured access control security levels, resulting in unauthorized bulk modification of WooCommerce product data. The vulnerability stems from CWE-862 (Missing Authorization), where the plugin fails to enforce proper capability checks before executing privileged bulk-edit operations via the network. No public exploit code exists and this CVE is not listed in the CISA KEV catalog at time of analysis, though the integrity-only impact and high-privilege requirement constrain the realistic attack surface.

Authentication Bypass WordPress Woocommerce Bulk Edit Products Wp Sheet Editor
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy