CVE-2026-21447 | Bagisto up to 2.3.9 order ID access control (GHSA-x5rw-qvvp-5cgm)

January 2, 2026 Yanac

A vulnerability, which was classified as critical, was found in Bagisto up to 2.3.9. This affects an unknown function. Such manipulation of the argument order ID leads to improper access controls.

This vulnerability is documented as CVE-2026-21447. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More