CVE-2026-11364 | The Product Specifications for WooCommerce plugin for WordPr… | CVSS 4.3 MEDIUM

Description

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the __invoke() methods of the AttributeGroupController and AttributeController classes, which are bound to the 'dwps_modify_groups' and 'dwps_modify_attributes' AJAX actions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create, edit, and delete arbitrary product specification groups and attributes (taxonomy terms in the 'spec-group' and attribute taxonomies), corrupting business data and impacting the site's frontend display.

Metadata

CVE ID: CVE-2026-11364
State: PUBLISHED
Assigner: Wordfence
Reserved: 2026-06-05 11:45 UTC
Published: 2026-06-27 06:50 UTC
Last updated: 2026-06-27 06:50 UTC
Primary CWE: CWE-862
CWE-862 Missing Authorization
Vendor / Product: dornaweb / Product Specifications for Woocommerce
Sources: cve.org · NVD

Severity & Metrics

4.3 MEDIUM CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected products (1)

Vendor	Product	Platform	Versions
dornaweb	Product Specifications for Woocommerce	—	0 ≤ 0.8.9

Weakness (CWE)

CWE	Source	Description
CWE-862	cna	CWE-862 Missing Authorization

CVSS scores (1)

Score	Severity	Version	Source	Vector
4.3	MEDIUM	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

References (8)