WooCommerce Plugin Vulnerable to CSRF Attacks

CVE Notify has flagged a critical Cross-Site Request Forgery (CSRF) vulnerability, CVE-2026-1672, in the BEAR – Bulk Editor and Products Manager Professional for WooCommerce plugin by Pluginus.Net. All versions up to and including 1.1.5 are affected. The root cause, as identified by CVE Notify, is missing nonce validation in the plugin's woobe_redraw_table_row() function. Because the handler does not check that the request carries a nonce minted for the current user, an unauthenticated attacker can have WooCommerce product data (prices, descriptions and other product attributes) modified by getting a logged-in administrator or shop manager to visit an attacker-controlled page, for example via a link, that silently submits the forged request to the store.

This class of vulnerability is particularly insidious because it exploits the site's trust in the administrator's browser rather than any weakness in authentication. The browser automatically attaches the WordPress session cookie to every request bound for the site, including one forged by a page the administrator happens to be viewing, and without a nonce the server cannot distinguish that forged request from one the administrator intended to send. The attacker never needs the administrator's credentials; they only need the administrator to be logged in. The consequences for an e-commerce store are severe, from financial loss through manipulated prices to reputational damage from altered product details.
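To make the pattern concrete, the following is an added example written for this article, not the BEAR plugin's code: a hypothetical WooCommerce AJAX handler (the function, action and script-handle names are invented) shown first in the CSRF-prone shape, where a logged-in session alone is trusted, and then hardened with the nonce and capability checks WordPress already provides.

```php
<?php
/**
 * Added illustration (hypothetical names, not the BEAR plugin's code):
 * an admin-ajax handler that updates a product's price, first without
 * request-origin checks, then with WordPress nonce + capability checks.
 */

// --- CSRF-prone pattern -----------------------------------------------------
// Any POST to admin-ajax.php?action=demo_redraw_row_unsafe that arrives with a
// logged-in admin's cookies is honoured, including one auto-submitted by a
// page the admin merely visits on another site.
add_action( 'wp_ajax_demo_redraw_row_unsafe', 'demo_redraw_row_unsafe' );
function demo_redraw_row_unsafe() {
    $product = wc_get_product( absint( $_POST['product_id'] ?? 0 ) );
    if ( ! $product ) {
        wp_send_json_error( 'no such product', 404 );
    }
    // No nonce, no capability check: a cross-site form submission succeeds.
    $product->set_regular_price( wc_clean( wp_unslash( $_POST['price'] ?? '' ) ) );
    $product->save();
    wp_send_json_success( array( 'id' => $product->get_id() ) );
}

// --- Hardened pattern -------------------------------------------------------

// 1. Mint a nonce for this specific action and hand it to the editor's script
//    ('demo-bulk-editor' is an assumed script handle registered elsewhere).
add_action( 'admin_enqueue_scripts', function () {
    wp_localize_script( 'demo-bulk-editor', 'demoEditor', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'demo_redraw_row' ),
    ) );
} );

add_action( 'wp_ajax_demo_redraw_row', 'demo_redraw_row' );
function demo_redraw_row() {
    // 2. Reject requests that do not carry a valid nonce for this action in the
    //    'security' POST field. A third-party page cannot read the nonce, so a
    //    forged request fails here (check_ajax_referer dies with HTTP 403).
    check_ajax_referer( 'demo_redraw_row', 'security' );

    // 3. A nonce proves intent, not authority: still enforce the capability.
    if ( ! current_user_can( 'edit_products' ) ) {
        wp_send_json_error( 'insufficient capability', 403 );
    }

    $product_id = absint( $_POST['product_id'] ?? 0 );
    $product    = wc_get_product( $product_id );
    // 'edit_post' is mapped per post type, so it covers WooCommerce products.
    if ( ! $product || ! current_user_can( 'edit_post', $product_id ) ) {
        wp_send_json_error( 'no such product', 404 );
    }

    // 4. Validate the value before writing it.
    $price = wc_clean( wp_unslash( $_POST['price'] ?? '' ) );
    if ( '' !== $price && ! is_numeric( $price ) ) {
        wp_send_json_error( 'invalid price', 400 );
    }
    $product->set_regular_price( $price );
    $product->save();

    wp_send_json_success( array(
        'id'    => $product_id,
        'price' => $product->get_regular_price(),
    ) );
}
```

The legitimate client sends the nonce with every request, for example `jQuery.post(demoEditor.ajaxUrl, {action: 'demo_redraw_row', security: demoEditor.nonce, product_id: 42, price: '19.99'})`. WordPress nonces are bound to the user, the session token and the action string and expire after roughly 24 hours, so a value harvested from one user cannot be replayed against another. The capability check in step 3 is deliberately separate: a nonce only shows the request originated from a page the site served to this user, not that the user is allowed to edit products.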

What This Means For You

  • Organizations running the BEAR – Bulk Editor and Products Manager Professional for WooCommerce plugin should check the installed version under Plugins in the WordPress admin and, if it is 1.1.5 or earlier, update to a patched version immediately. If no patched version is available yet, temporarily deactivate the plugin. Until the fix is in place, administrators and shop managers should avoid browsing untrusted sites while logged in to the store, and product prices and descriptions should be reviewed for unexpected changes. Note that account-level controls such as strong passwords or MFA do not stop CSRF, because the forged request rides on the victim's already-authenticated session.

Related ATT&CK Techniques

T1190 Exploit Public-Facing Application (Initial Access)

Detection Rules

Web Application Exploitation Attempt — CVE-2026-1672 (severity: high; mapped to T1190 Initial Access; Sigma rule, source: Shimi's Cyber World)

One caveat when deploying such a rule: a CSRF-triggered request is issued by the victim's own browser with a valid session, so at the web tier it looks like ordinary authenticated traffic to admin-ajax.php. The useful signals are a missing or foreign Origin/Referer header on a state-changing plugin request, and product price or description changes that the administrator does not recognise.

Indicators of Compromise

ID: CVE-2026-1672
Type: CSRF
Indicator:
  Plugin: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
  Affected versions: <= 1.1.5
  Vulnerable component: woobe_redraw_table_row() function
  Vulnerability: Missing nonce validation
