WordPress Autoship Cloud for WooCommerce Subscription Products plugin

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Description

Missing Authorization vulnerability in Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects Autoship Cloud for WooCommerce Subscription Products: from n/a through 2.14.0.

Basic Information

ID CVE-2026-24527

Source Patchstack

Published May 25, 2026 at 21:40

Affected Product

Vendor Patterns in the cloud

Product Autoship Cloud for WooCommerce Subscription Products

Version n/a

Affected Versions Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products n/a

CWE Classification

CWE-862

References

patchstack.com /database/wordpress/plugin/autoship-cloud/vulnerability/wordpress-autoship-cloud-for-woocommerce-subscription-products-plugin-2-14-0-broken-access-control-vulnerability

{
    "lastseen": "",
    "description": "Missing Authorization vulnerability in Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products allows Exploiting Incorrectly Configured Access Control Security Levels.\n\nThis issue affects Autoship Cloud for WooCommerce Subscription Products: from n/a through 2.14.0.",
    "published": "2026-05-25T21:40:35.813Z",
    "modified": "2026-05-25T21:40:35.813Z",
    "type": "cve",
    "title": "WordPress Autoship Cloud for WooCommerce Subscription Products plugin <= 2.14.0 - Broken Access Control vulnerability",
    "source": "Patchstack",
    "references": "https://patchstack.com/database/wordpress/plugin/autoship-cloud/vulnerability/wordpress-autoship-cloud-for-woocommerce-subscription-products-plugin-2-14-0-broken-access-control-vulnerability?_s_id=cve",
    "id": "CVE-2026-24527",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products n/a",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Autoship Cloud for WooCommerce Subscription Products",
    "version": "n/a",
    "vendor": "Patterns in the cloud",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

WordPress Autoship Cloud for WooCommerce Subscription Products plugin <= 2.14.0 - Broken Access Control vulnerability_CVE-2026-24527