CVE Catalog

CVE-2026-48883

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile - higher than 15% of all known CVEs

Summary

There is an unauthenticated broken access control vulnerability in WPC Product Bundles for WooCommerce versions <= 8.5.3.

Risk Assessment

Organizations may be exposed to unauthorized access to resources, potentially leading to data leaks or unauthorized actions.

Recommendation

It is recommended to update to the latest version of WPC Product Bundles to mitigate this vulnerability.

Original NVD description (English source)

Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce <= 8.5.3 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS