CVE-2026-57760
MediumCVSS 5.3Summary
The Sendcloud Shipping plugin for WordPress has a missing authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. This issue affects versions from n/a through 1.0.29.
Risk Assessment
An attacker can gain unauthorized access to plugin functions, potentially leading to data confidentiality breaches or unauthorized actions within the system.
Recommendation
It is recommended to immediately update the Sendcloud Shipping plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Missing Authorization vulnerability in Sendcloud Sendcloud Shipping allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sendcloud Shipping: from n/a through 1.0.29.

