CyberRota
← Ana sayfaya dön

CVE-2026-9702

HIGH · CVSS 7.5 EPSS %0.21

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-25T07:16:45.830 · Çekilme zamanı: 2026-06-30T18:33:20.135832+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-9702
Severity
HIGH
CVSS
7.5
EPSS
%0.21
WordPress

Orijinal NVD Açıklaması

The InPost PL WordPress plugin before 1.9.1 does not verify that the request originates from the legitimate buyer before allowing the WooCommerce order parcel-locker destination to be updated, allowing unauthenticated attackers to silently redirect the shipping destination of any pending or processing order on the site.