Wholesale Suite Privilege Escalation Risk from Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.1

Wholesale Suite Privilege Escalation Risk from Unauthorized Access

CVE-2026-27541

Summary

The Wholesale Suite plugin for WooCommerce has a bug that could let an attacker access areas of the site they shouldn't be able to. This affects all versions of the plugin up to and including 2.2.6. If you use this plugin, update it to the latest version to fix the issue.

Original title

Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.6.

Original description

Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.6.

Vulnerability type

CWE-266 Incorrect Privilege Assignment

https://patchstack.com/database/Wordpress/Plugin/woocommerce-wholesale-prices/vu...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026