cleantalk
Vulnerabilities and Security Researches

B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More, CVE-2026-27346

CVE, Research URL

CVE-2026-27346

Home page URL

Security reports for B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More

Application

B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More

Published on
May 26, 2026
Research Description
Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10.
Affected versions
max 5.2.10.
Status
vulnerable
Previous vulnerability researches
RSVP ME (CVE-2025-23480) , Mar 05, 2025
RSVP ME (CVE-2024-50544) , Nov 04, 2024
RSVP ME (CVE-2024-50491) , Oct 29, 2024
New vulnerability
Autoship Cloud for WooCommerce Subscription Products (CVE-2026-24527) , May 27, 2026
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-7493) , May 27, 2026
RSVP and Event Management Plugin (CVE-2026-27398) , May 27, 2026
B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More (CVE-2026-27346) , May 27, 2026
GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress (CVE-2026-24546) , May 27, 2026