CVE-2026-9284 | WooCommerce PayPal Payments Plugin up to 4.0.1 on WordPress ppc-create-order/ppc-get-order authorization

Inserito da Angelo Barbosa | Mag 23, 2026 | CVE

A vulnerability marked as critical has been reported in WooCommerce PayPal Payments Plugin up to 4.0.1 on WordPress. This affects the function ppc-create-order/ppc-get-order. This manipulation causes missing authorization.

This vulnerability is tracked as CVE-2026-9284. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-9284 | WooCommerce PayPal Payments Plugin up to 4.0.1 on WordPress ppc-create-order/ppc-get-order authorization

Post correlati

CVE-2025-1579 | code-projects Blood Bank System 1.0 /admin/user.php email cross site scripting

CVE-2025-59898 | Flexense Sync Breeze Enterprise Server 10.4.18 /add_exclude_dir cross site scripting

CVE-2024-49288 | VillaTheme Email Template Customizer for WooCommerce Plugin up to 1.2.5 on WordPress cross site scripting

CVE-2025-8190 | Campcodes Courier Management System 1.0 /print_pdets.php ids sql injection