CVE-2026-1710 in woocommerce WooPayments Plugininformación

Resumen (Inglés)

The WooPayments: Integrated WooCommerce Payments plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_upe_appearance_ajax' function in all versions up to, and including, 10.5.1. This makes it possible for unauthenticated attackers to update plugin settings.

Responsable

Wordfence

Reservar

2026-01-30

Divulgación

2026-03-31

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
354305	woocommerce WooPayments Plugin Setting save_upe_appearance_ajax escalada de privilegios	285	No está definido	Arreglo oficial	CVE-2026-1710

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

◂ AnteriorVisión De ConjuntoPróximo ▸

Interested in the pricing of exploits?

See the underground prices here!