CVE Catalog
CVE-2026-49065
HighCVSS 8.2Exploitation Probability (EPSS)
Low risk0.24%
15th percentile - higher than 15% of all known CVEs
Summary
The Hippoo mobile app for WooCommerce versions up to 1.9.5 has an issue with unauthenticated access that may lead to broken access control.
Risk Assessment
Organizations may be exposed to unauthorized access to sensitive user data, potentially resulting in loss of customer trust and financial losses.
Recommendation
It is recommended to update the Hippoo app to the latest version to mitigate this vulnerability and conduct a security audit.
Original NVD description (English source)
Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions.

