CVE Catalog
CVE-2026-49072
MediumCVSS 6.5Summary
The WooCommerce Anti-Fraud plugin in versions up to 7.2.6 has a broken access control vulnerability that allows unauthorized access to functions.
Risk Assessment
Organizations may be exposed to unauthorized actions, potentially leading to data theft or transaction manipulation.
Recommendation
It is recommended to update the WooCommerce Anti-Fraud plugin to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Unauthenticated Broken Access Control in WooCommerce Anti-Fraud <= 7.2.6 versions.

