CVE-2026-2631

{"id": "CVE-2026-2631", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2026-03-11T06:17:14.467", "references": [{"url": "https://wpscan.com/vulnerability/c6a64f26-4007-49a1-aa69-1e3c50223ac7/", "source": "contact@wpscan.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "The Datalogics Ecommerce Delivery WordPress plugin before 2.6.60 exposes an unauthenticated REST endpoint that allows any remote user to modify the option `datalogics_token` without verification. This token is subsequently used for authentication in a protected endpoint that allows users to perform arbitrary WordPress `update_option()` operations. Attackers can use this to enable registartion and to set the default role as Administrator."}, {"lang": "es", "value": "El plugin de WordPress Datalogics Ecommerce Delivery anterior a 2.6.60 expone un endpoint REST no autenticado que permite a cualquier usuario remoto modificar la opci\u00f3n 'datalogics_token' sin verificaci\u00f3n. Este token se utiliza posteriormente para autenticaci\u00f3n en un endpoint protegido que permite a los usuarios realizar operaciones arbitrarias de WordPress 'update_option()'. Los atacantes pueden usar esto para habilitar el registro y establecer el rol predeterminado como Administrador."}], "lastModified": "2026-04-15T15:05:47.827", "sourceIdentifier": "contact@wpscan.com"}