CVE-2026-32586 — Missing Authorization in Booster FOR Woocommerce

CWE-862 — Missing Authorization4 documents4 sources

Severity

9.8CRITICAL

No vector

EPSS

0.0%

top 94.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pluggabl Booster FOR Woocommerce

Timeline

PublishedMar 17

Description

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through < 7.11.3.

Affected Packages1 packages

▶CVEListV5pluggabl/booster_for_woocommerce7.11.3

🔴Vulnerability Details

CVEList

WordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerability↗2026-03-17

▶

GHSA

GHSA-p5g2-8j3h-474p: Missing Authorization vulnerability in Pluggabl Booster for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels↗2026-03-17

▶

🕵️Threat Intelligence

Wiz

CVE-2026-32586 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶