CVE Catalog

CVE-2026-42664

HighCVSS 8.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile - higher than 16% of all known CVEs

Summary

Versions of Motive Commerce Search up to 1.38.2 contain a vulnerability in access control that allows unauthorized access to AI product search features in WooCommerce.

Risk Assessment

Organizations may be exposed to unauthorized access to product data, potentially leading to data leaks or data manipulation.

Recommendation

It is recommended to update Motive Commerce Search to the latest version to mitigate this security vulnerability.

Original NVD description (English source)

Unauthenticated Broken Access Control in AI Product Search for WooCommerce &#8211; Motive Commerce Search <= 1.38.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS