{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1672", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-01-30T01:19:20.746Z", "datePublished": "2026-04-08T11:16:58.519Z", "dateUpdated": "2026-04-08T17:18:41.014Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:18:41.014Z"}, "affected": [{"vendor": "realmag777", "product": "BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the woobe_redraw_table_row() function. This makes it possible for unauthenticated attackers to update WooCommerce product data including prices, descriptions, and other product fields via a forged request granted they can trick a site administrator or shop manager into performing an action such as clicking on a link."}], "title": "BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Product Data Modification", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc3b5faa-1a29-4fa7-9146-d782adce0b1f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/woo-bulk-editor/trunk/index.php#L782"}, {"url": "https://plugins.trac.wordpress.org/changeset/3457263/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3465138/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Ignatyev"}], "timeline": [{"time": "2026-01-30T01:36:11.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-04-07T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-08T14:47:19.683485Z", "id": "CVE-2026-1672", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T16:13:41.332Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1672", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-08T14:47:19.683485Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T14:47:20.789Z"}}], "cna": {"title": "BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Product Data Modification", "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Ignatyev"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}}], "affected": [{"vendor": "realmag777", "product": "BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.1.5"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-01-30T01:36:11.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-04-07T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc3b5faa-1a29-4fa7-9146-d782adce0b1f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/woo-bulk-editor/trunk/index.php#L782"}, {"url": "https://plugins.trac.wordpress.org/changeset/3457263/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3465138/"}], "descriptions": [{"lang": "en", "value": "The BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the woobe_redraw_table_row() function. This makes it possible for unauthenticated attackers to update WooCommerce product data including prices, descriptions, and other product fields via a forged request granted they can trick a site administrator or shop manager into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T11:16:58.519Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1672", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:13:41.332Z", "dateReserved": "2026-01-30T01:19:20.746Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-04-08T11:16:58.519Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the woobe_redraw_table_row() function. This makes it possible for unauthenticated attackers to update WooCommerce product data including prices, descriptions, and other product fields via a forged request granted they can trick a site administrator or shop manager into performing an action such as clicking on a link."}], "id": "CVE-2026-1672", "lastModified": "2026-04-08T21:26:13.410", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2026-04-08T12:16:19.277", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/woo-bulk-editor/trunk/index.php#L782"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3457263/"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3465138/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc3b5faa-1a29-4fa7-9146-d782adce0b1f?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.1.5]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net", "source": "cna", "vendor": "realmag777"}, "product": "bear_\u2013_bulk_editor_and_products_manager_professional_for_woocommerce_by_pluginus.net", "vendor": "realmag777"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-08T12:21:39.100722+00:00", "value": {"mitigation_remediation": ["Apply the latest plugin update (v1.1.6 or later) from the official Pluginus.Net source.", "If an update cannot be applied immediately, disable the BEAR \u2013 Bulk Editor plugin until a patch is available.", "Restrict access to the WordPress admin interface to trusted users and enforce strong password policies.", "Enable two\u2011factor authentication for site administrators and shop managers to mitigate risk of click\u2011jacking or accidental exploitation.", "Monitor product listings for unexpected changes and review server logs for suspicious POST requests to the woobe_redraw_table_row endpoint."], "summary": {"action": "Immediate Patch", "impact": "Unrestricted modification of WooCommerce product data via CSRF"}, "threat_synthesis": {"affected_systems": "This flaw affects the realmag777 \"BEAR \u2013 Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net\" plugin for WordPress. All releases up to and including version 1.1.5 are impacted. The plug\u2011in is typically deployed on WooCommerce\u2011enabled sites running WordPress.", "description_and_impact": "The vulnerability is a missing nonce validation in a WordPress plugin that enables Cross\u2011Site Request Forgery. An unauthenticated attacker can submit a forged request that causes the site\u2019s administrator or shop manager to update product information, including prices, descriptions, and other fields. This compromise of data integrity can lead to financial loss and damage to product listings.", "risk_and_exploitability": "The CVSS score of 6.5 indicates moderate severity. Exploitation relies on a typical CSRF vector: the attacker must lure an authorized user to click a malicious link or submit a forged form. The EPSS score is not available, and the vulnerability is not listed in CISA\u2019s KEV catalog, but the availability of an unauthenticated attack path and the ability to alter product data make this risk meaningful for e\u2011commerce operators."}}}}, "created": "2026-04-08T19:27:10.684673+00:00", "updated": "2026-04-08T19:39:47.564042+00:00", "vendors": ["realmag777", "realmag777$PRODUCT$bear_\u2013_bulk_editor_and_products_manager_professional_for_woocommerce_by_pluginus.net", "wordpress", "wordpress$PRODUCT$wordpress"]}