cleantalk
Vulnerabilities and Security Researches

B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More, CVE-2026-27346

CVE, Research URL

CVE-2026-27346

Home page URL

Security reports for B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More

Application

B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More

Published on
May 26, 2026
Research Description
Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10.
Affected versions
max 5.2.10.
Status
vulnerable
Previous vulnerability researches
Fonts Manager | Custom Fonts (CVE-2025-31578) , Apr 04, 2025
Fonts Manager | Custom Fonts (CVE-2026-1800) , Apr 13, 2026
New vulnerability
B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More (CVE-2026-27346) , May 27, 2026
GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress (CVE-2026-24546) , May 27, 2026
WP Activity Log (CVE-2026-45435) , May 26, 2026
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) (CVE-2026-48837) , May 26, 2026
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode , May 26, 2026