Product Filter for WooCommerce: Unsecured Access to Sensitive Data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.3

Product Filter for WooCommerce: Unsecured Access to Sensitive Data

CVE-2025-69378

Summary

A security flaw in Product Filter for WooCommerce allows a hacker to access sensitive data they shouldn't be able to see. This affects all versions of the plugin up to 9.1.2. To stay secure, update to the latest version of Product Filter for WooCommerce as soon as possible.

Original title

Incorrect Privilege Assignment vulnerability in XforWooCommerce Product Filter for WooCommerce prdctfltr allows Privilege Escalation.This issue affects Product Filter for WooCommerce: from n/a thro...

Original description

nvd CVSS3.1 7.3

Vulnerability type

CWE-266 Incorrect Privilege Assignment

https://patchstack.com/database/Wordpress/Plugin/prdctfltr/vulnerability/wordpre...

Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026