Missing Authorization Vulnerability in WooCommerce Order Details by Vanquish
CVE-2026-27374
7.5HIGH
What is CVE-2026-27374?
The WooCommerce Order Details plugin by Vanquish is susceptible to a missing authorization vulnerability, allowing unauthorized access due to improperly configured access control security levels. This flaw affects versions up to 3.1 of the WooCommerce Order Details plugin, potentially exposing sensitive information to unauthorized users.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
WooCommerce Order Details <= n/a
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Phat RiO | Patchstack Bug Bounty Program