CVE-2026-2582 | vendidero Germanized for WooCommerce Plugin up to 3.20.5 on WordPress Shortcode account_holder code injection

Inserito da Angelo Barbosa | Apr 14, 2026 | CVE

A vulnerability labeled as critical has been found in vendidero Germanized for WooCommerce Plugin up to 3.20.5 on WordPress. Affected is an unknown function of the component Shortcode Handler. Such manipulation of the argument account_holder leads to code injection.

This vulnerability is referenced as CVE-2026-2582. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-2582 | vendidero Germanized for WooCommerce Plugin up to 3.20.5 on WordPress Shortcode account_holder code injection

Post correlati

CVE-2024-11104 | techfyd Sky Addons for Elementor Plugin up to 2.6.2 on WordPress save_options authorization

CVE-2023-6984 | ideaboxcreations PowerPack Addons for Elementor Plugin up to 2.7.13 on WordPress cross-site request forgery

CVE-2023-40662 | Cookies and Content Security Policy Plugin up to 2.15 on WordPress information disclosure

CVE-2024-32238 | H3C ER8300G2-X Management System Page Login Interface access control