top of page
perceptive_background_267k.jpg

Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture allows Privilege Escalation.This issue affects Woocomm…

Published:

18 March 2026 at 23:00:00

Alert date:

19 March 2026 at 07:01:54

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

CVE-2026-27542 is an Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd's WooCommerce Wholesale Lead Capture plugin that allows privilege escalation. The vulnerability affects versions from n/a through 2.0.3.1. This WordPress plugin vulnerability could allow attackers to escalate their privileges on affected websites. The issue has been documented by both the National Vulnerability Database and Patchstack. Organizations using this WooCommerce plugin should update to a patched version to mitigate the risk.

Technical details

Mitigation steps:

Affected products:

WooCommerce Wholesale Lead Capture

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-27542
https://patchstack.com/database/wordpress/plugin/woocommerce-wholesale-lead-capture/vulnerability/wordpress-woocommerce-wholesale-lead-capture-plugin-1-17-8-privilege-escalation-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page