CVE-2026-49060
9.8 CRITICALIncorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation
Published: 2026-06-11 · Last updated: 2026-06-11
Severity and scoring
- CVSS
- 9.8 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-266
Description
Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-53814 — OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped ... (8.3 HIGH)
- CVE-2026-47169 — Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support
- CVE-2026-11620 — A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646 (5.3 MEDIUM)
- CVE-2026-11619 — A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2 (6.3 MEDIUM)
- CVE-2026-11555 — A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006 (3.7 LOW)