Path Traversal Vulnerability in WooCommerce Support Ticket System by Vanquish
CVE-2026-32522
8.6HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 25 March 2026
What is CVE-2026-32522?
A path traversal vulnerability in the WooCommerce Support Ticket System allows attackers to manipulate pathname variables. This can enable unauthorized access to files outside the intended directory, exposing sensitive information or possibly leading to arbitrary file deletion. The issue affects versions prior to 18.5, and users are advised to update to ensure the security of their systems.
Affected Version(s)
WooCommerce Support Ticket System <= n/a