Is CVE-2026-56048 being exploited?

No public exploit is currently tracked.

How severe is CVE-2026-56048?

CVE-2026-56048 has a CVSS v3 severity of MEDIUM (6.5).

Back

Description

Unauthenticated Insecure Direct Object References (IDOR) in Payment Gateway Based Fees and Discounts for WooCommerce <= 3.0.0 versions.