Filtered by vendor Inpost Pl
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-9702 | 2 Inpost Pl, Wordpress | 2 Inpost Pl, Wordpress | 2026-06-26 | 7.5 High |
| The InPost PL WordPress plugin before 1.9.1 does not verify that the request originates from the legitimate buyer before allowing the WooCommerce order parcel-locker destination to be updated, allowing unauthenticated attackers to silently redirect the shipping destination of any pending or processing order on the site. | ||||
Page 1 of 1.