Primary

Context

WordPress WooODT Lite Plugin Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability allowing identity spoofing has been identified in the WordPress WooODT Lite plugin, specifically in versions through 2.5.2. This vulnerability enables malicious actors to bypass authentication mechanisms, potentially leading to unauthorized access or actions within the application.

Impact

Exploiting this vulnerability could allow an attacker to bypass authentication, leading to unauthorized access or actions within the application.

Remediation

Users are advised to update to a version of the WooODT Lite plugin that is later than 2.5.2. For those using Patchstack, a mitigation rule has been issued to block attacks until an official patch is available.

Added: Feb 20, 2026, 8:01 PM

Updated: Feb 20, 2026, 8:01 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

1.3

exploitability

7.6

remediation

7.9

relevance

3.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

1.3

exploitability

7.6

remediation

7.9

relevance

3.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WordPress WooODT Lite Plugin Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

byconsole-woo-order-delivery-time WooODT Lite

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating