CVE-2026-57341 PUBLISHED

Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions.

Update the WordPress Colissimo Officiel : Méthodes de livraison pour WooCommerce Plugin to the latest available version (at least 2.10.0).

• HieuPenguinnn | Patchstack Bug Bounty Program finder

• https://patchstack.com/database/wordpress/plugin/colissimo-shipping-methods-for-woocommerce/vulnerability/wordpress-colissimo-officiel-methodes-de-livraison-pour-woocommerce-plugin-2-9-0-insecure-direct-object-references-idor-vulnerability?_s_id=cve

• CWE-639 Authorization Bypass Through User-Controlled Key CWE

• CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels