Vulnerability in Product Configurator For Woocommerce
CVE-2026-11568
The Product Configurator for WooCommerce WordPress plugin before 1.7.3 does not perform any authorisation or post-status check before returning WooCommerce product data through a public AJAX action, allowing unauthenticated users to retrie…
Affected products
- Unknown Product Configurator For Woocommerce — versions 0
References
- contact@wpscan.com (technical-description, exploit, vdb-entry)