CVE Catalog

CVE-2026-57760

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Summary

The Sendcloud Shipping plugin for WordPress has a missing authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. This issue affects versions from n/a through 1.0.29.

Risk Assessment

An attacker can gain unauthorized access to plugin functions, potentially leading to data confidentiality breaches or unauthorized actions within the system.

Recommendation

It is recommended to immediately update the Sendcloud Shipping plugin to the latest available version that fixes this vulnerability.

Original NVD description (English source)

Missing Authorization vulnerability in Sendcloud Sendcloud Shipping allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sendcloud Shipping: from n/a through 1.0.29.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS