CVE-2026-9241 | realmag777 FOX Plugin up to 1.4.6 on WordPress fixed_user_role.php get_value wooc_order_user_roles authorization

SecurityVulns

A vulnerability described as critical has been identified in realmag777 FOX Plugin up to 1.4.6 on WordPress. The impacted element is the function get_value of the file classes/fixed/fixed_user_role.php. Such manipulation of the argument wooc_order_user_roles leads to authorization bypass.

This vulnerability is referenced as CVE-2026-9241. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More