CVE Catalog
CVE-2026-40725
CriticalCVSS 9.8Summary
There is an unauthenticated PHP Object Injection vulnerability in WooCommerce Product Filters versions below 2.0.6.
Risk Assessment
An attacker could exploit this vulnerability to perform unauthorized actions in the system, potentially leading to serious security breaches.
Recommendation
It is recommended to update WooCommerce Product Filters to version 2.0.6 or later to mitigate this vulnerability.
Original NVD description (English source)
Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.

