CVE-2026-1672
The BEAR – Bulk Editor and Products Manager Professional for WordPress (Pluginus.Net) is affected by a Cross-Site Request Forgery in all versions up to 1.1.5. The root cause is missing nonce validation on the woobe_redraw_table_row() function, enabling unauthenticated attackers to modify WooComme...