WPFactory CVE Debriefs

HIGH WPFactory CVE published 2026-06-16

CVE-2026-39437

A high-severity Unauthenticated Cross Site Scripting (XSS) vulnerability was discovered in the Min Max Step Quantity Limits Manager for WooCommerce plugin, affecting versions up to 5.2.2. The vulnerability has a CVSS score of 7.1 and is considered HIGH severity.

WPFactory CVE debriefs

CVE-2026-39437