CVE Catalog

CVE-2026-49065

HighCVSS 8.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile - higher than 15% of all known CVEs

Summary

The Hippoo mobile app for WooCommerce versions up to 1.9.5 has an issue with unauthenticated access that may lead to broken access control.

Risk Assessment

Organizations may be exposed to unauthorized access to sensitive user data, potentially resulting in loss of customer trust and financial losses.

Recommendation

It is recommended to update the Hippoo app to the latest version to mitigate this vulnerability and conduct a security audit.

Original NVD description (English source)

Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS