CVE-2026-4843 – GSheet For Woo Importer

CVE ID :CVE-2026-4843

Published : May 21, 2026, 8:16 p.m. | 44 minutes ago

Description :The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and including, 2.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin’s Google Sheets API token and configuration options.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-44417 – Apache CXF: Incomplete fix for CVE-2025-48913 (Untrusted JMS configuration can lead to RCE)

CVE-2026-44618 – Apache CXF: XXE vulnerability in WS-Transfer functionality

CVE-2026-44930 – Apache CXF: LDAP Injection vulnerability in XKMS LDAP Repository

CVE-2026-4635 – Persistent notification timing attack causing server denial of service