CVE-2026-56050 PUBLISHED

WordPress PPOM for WooCommerce plugin <= 33.0.18 - Broken Access Control vulnerability

Assigner: Patchstack
Reserved: 18.06.2026 Published: 25.06.2026 Updated: 25.06.2026

Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects PPOM for WooCommerce: from n/a through 33.0.18.

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
CVSS Score: 6.5

CVSS 3.1

Vendor	Themeisle
Product	PPOM for WooCommerce
Versions	Default: unaffected affected from n/a to 33.0.18 (incl.)

Update the WordPress PPOM for WooCommerce Plugin to the latest available version (at least 34.0.0).