CVE Catalog
CVE-2026-57340
MediumCVSS 6.5Summary
The Japanized For WooCommerce plugin version 2.9.12 and earlier contains a vulnerability allowing unauthenticated attackers to bypass access controls. This flaw enables unauthorized access to administrative functions without requiring authentication.
Risk Assessment
The risk involves potential takeover of the WooCommerce store by an unauthenticated attacker, leading to customer data theft, product manipulation, or store disruption.
Recommendation
Immediately update the Japanized For WooCommerce plugin to the latest available version that fixes this vulnerability. Also review access logs for any suspicious activity.
Original NVD description (English source)
Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.

