CVE-2026-1710 in woocommerce WooPayments Plugininformation

Résumé (Anglaise)

The WooPayments: Integrated WooCommerce Payments plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_upe_appearance_ajax' function in all versions up to, and including, 10.5.1. This makes it possible for unauthenticated attackers to update plugin settings.

Responsable

Wordfence

Réserver

30/01/2026

Divulgation

31/03/2026

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
354305	woocommerce WooPayments Plugin Setting save_upe_appearance_ajax élévation de privilèges	285	Non défini	Correctif officiel	CVE-2026-1710

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Interested in the pricing of exploits?

See the underground prices here!