eShipper Commerce: Unauthorized Access to Sensitive Data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

eShipper Commerce: Unauthorized Access to Sensitive Data

CVE-2026-39689

Summary

A security issue in eShipper Commerce versions 2.16.12 and earlier allows unauthorized access to sensitive data. This means that if not properly configured, attackers could access information they shouldn't. Update to version 2.16.13 or later to fix the issue.

Original title

Missing Authorization vulnerability in eshipper eShipper Commerce eshipper-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eShipper Commerce: fro...

Original description

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/eshipper-commerce/vulnerability...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026