CVE-2026-49056 is a high-severity vulnerability (CVSS Score: 7.5) affecting WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin versions <= 4.9.4. This vulnerability allows unauthenticated sensitive data exposure. The vulnerability was published on [cvePublishedAt] and last modified on [cveModifiedAt].
A Missing Authorization vulnerability (CWE-862) in the WebToffee Product Import Export for WooCommerce WordPress plugin allows authenticated attackers with low privileges to exploit incorrectly configured access control security levels. The vulnerability affects all versions from n/a through 2.5.6. The issue was published to the CVE List on 2026-05-27 and carries a CVSS 3.1 score of 4.3 (Medium severity), [truncated]
A Missing Authorization vulnerability (CWE-862) in the Smart Coupons for WooCommerce WordPress plugin allows unauthenticated attackers to exploit incorrectly configured access control security levels. The vulnerability affects all versions prior to 2.3.0 and has been assigned a CVSS 3.1 score of 7.5 (HIGH), indicating significant risk due to network attack vector, low attack complexity, no privileges requ [truncated]