YayCommerce YayMail WooCommerce Email Customizer Missing Authorization Vulnerability

Vulnerability

A missing authorization vulnerability has been identified in the YayMail – WooCommerce Email Customizer plugin, affecting versions through 4.3.2. This vulnerability arises from incorrectly configured access control, allowing unauthorized actions that could exploit the plugin's functionality.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed within the YayMail – WooCommerce Email Customizer plugin, potentially allowing users to manipulate email customizations or related settings without proper authorization.

Added: Feb 19, 2026, 9:33 PM

Updated: Feb 19, 2026, 9:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

YayCommerce YayMail WooCommerce Email Customizer Missing Authorization Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating