PatchSiren

Wombat Plugins CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Wombat Plugins CVE published 2026-06-15

CVE-2026-39499

CVE-2026-39499 is a HIGH-severity vulnerability in Advanced Product Fields (Product Addons) for WooCommerce, with a CVSS score of 7.2. The vulnerability allows for PHP Object Injection and affects versions up to 1.6.19. The CVE was published on 2026-06-15T21:16:45.230Z and last modified on 2026-06-15T21:24:32.790Z.