Primary

Context

XforWooCommerce Product Filter Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the XforWooCommerce Product Filter for WooCommerce plugin, affecting versions through 9.1.2. This vulnerability allows low-privileged users to gain higher privileges, potentially leading to full control of the website.

Impact

Exploitation of this vulnerability could allow a low-privileged user to escalate their privileges, gaining access to higher-level permissions. This could result in full control over the website, depending on the privileges obtained.

Remediation

Users are advised to update to a version of the XforWooCommerce Product Filter for WooCommerce plugin that is later than 9.1.2. For those using Patchstack, a mitigation rule has been issued to block attacks until an official patch can be safely applied.

Added: Feb 20, 2026, 4:38 PM

Updated: Feb 20, 2026, 6:29 PM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

5.0

exploitability

5.4

remediation

7.9

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

5.0

exploitability

5.4

remediation

7.9

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

XforWooCommerce Product Filter Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

XforWooCommerce Product Filter for WooCommerce

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating