CVE Catalog
CVE-2026-56025
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.24%
15th percentile — higher than 15% of all known CVEs
Summary
The Paymob for WooCommerce plugin version 4.1.2 and earlier contains an unauthenticated broken access control vulnerability. An attacker without authentication can exploit this flaw to gain unauthorized access to plugin functions.
Risk Assessment
The risk includes unauthorized access to sensitive plugin functions, potentially leading to data integrity breaches or unauthorized actions within the WooCommerce system.
Recommendation
It is recommended to immediately update the Paymob for WooCommerce plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Unauthenticated Broken Access Control in Paymob for WooCommerce <= 4.1.2 versions.

