CVE Catalog
CVE-2026-49060
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.04%
13th percentile — higher than 13% of all known CVEs
Summary
The Hippoo Mobile App for WooCommerce has a vulnerability related to incorrect privilege assignment, allowing privilege escalation.
Risk Assessment
Privilege escalation may lead to unauthorized access to sensitive data or application functions, posing a significant security threat to the organization.
Recommendation
It is recommended to update the Hippoo app to the latest version to mitigate this vulnerability and conduct a user privilege audit.
Original NVD description (English source)
Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4.

