MEDIUM
mrdollar4444
CVE published 2026-05-21
CVE-2026-4843
CVE-2026-4843 affects the GSheet For Woo Importer WordPress plugin through version 2.3.1. A missing capability check in an admin AJAX restore action allows authenticated users with Subscriber-level access and above to delete the plugin’s Google Sheets API token and configuration options. The issue is an authorization failure with low integrity impact, but it can still disrupt sheet-based import workflows [truncated]