WordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.6 - Authenticated (Subscriber+) Authorization Bypass vulnerability

Authenticated Subscriber+ Authorization Bypass vulnerability discovered by Long Lagon in WordPress Plugin FOX versions = 1.4.6...

CVE-2026-39501

CVE-2026-39501 is a Broken Access Control vulnerability affecting WordPress FOX plugin (woocommerce-currency-switcher) versions &lt;= 1.4.5. The root cause is Missing Authorization / incorrectly configured access control, allowing unauthorized access due to insufficient restrictions. Documents co...

CVE-2026-39501 WordPress FOX plugin <= 1.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FOX: from n/a through = 1.4.5...

CVE-2026-39497

Summary of CVE-2026-39497 (WordPress FOX plugin

WordPress FOX plugin <= 1.4.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by timomangcut in WordPress Plugin FOX versions = 1.4.5...

CVE-2026-31922 WordPress Fox LMS plugin <= 1.0.6.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ays Pro Fox LMS fox-lms allows Blind SQL Injection.This issue affects Fox LMS: from n/a through = 1.0.6.3...

WordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin FOX versions = 1.4.2...