CVE-2026-9284 | WooCommerce PayPal Payments Plugin up to 4.0.1 on WordPress ppc-create-order/ppc-get-order authorization

Inserito da Angelo Barbosa | Mag 23, 2026 | CVE

A vulnerability marked as critical has been reported in WooCommerce PayPal Payments Plugin up to 4.0.1 on WordPress. This affects the function ppc-create-order/ppc-get-order. This manipulation causes missing authorization.

This vulnerability is tracked as CVE-2026-9284. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-9284 | WooCommerce PayPal Payments Plugin up to 4.0.1 on WordPress ppc-create-order/ppc-get-order authorization

Post correlati

CVE-2024-7963 | CMSMasters Content Composer Plugin up to 1.8.8 on WordPress Shortcode cross site scripting

CVE-2025-38271 | Linux Kernel up to 6.15.2 netdev_lock.h rtnl_create_link null pointer dereference

CVE-2025-24595 | bPlugins All Embed Plugin up to 1.1.3 on WordPress cross site scripting

CVE-2024-35838 | Linux Kernel up to 6.1.75/6.6.14/6.7.2 mac80211 memory leak