Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.3
YayMail for WooCommerce Email Customizer: Unauthorized Access Risk
CVE-2026-27327
Summary
The YayMail plugin for WooCommerce email customization has a security weakness that could allow an attacker to access or modify email settings without permission. This is a concern for online store owners as it could lead to sensitive information being exposed or manipulated. To protect your store, update the YayMail plugin to the latest version (4.3.3 or higher).
Original title
Missing Authorization vulnerability in YayCommerce YayMail – WooCommerce Email Customizer yaymail allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayMail ...
Original description
Missing Authorization vulnerability in YayCommerce YayMail – WooCommerce Email Customizer yaymail allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayMail – WooCommerce Email Customizer: from n/a through <= 4.3.2.
nvd CVSS3.1
4.3
Vulnerability type
CWE-862
Missing Authorization
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026