CVE Catalog

CVE-2026-57340

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Summary

The Japanized For WooCommerce plugin version 2.9.12 and earlier contains a vulnerability allowing unauthenticated attackers to bypass access controls. This flaw enables unauthorized access to administrative functions without requiring authentication.

Risk Assessment

The risk involves potential takeover of the WooCommerce store by an unauthenticated attacker, leading to customer data theft, product manipulation, or store disruption.

Recommendation

Immediately update the Japanized For WooCommerce plugin to the latest available version that fixes this vulnerability. Also review access logs for any suspicious activity.

Original NVD description (English source)

Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS