cleantalk
Vulnerabilities and Security Researches

Oliver POS – A WooCommerce Point of Sale (POS), CVE-2026-6072

CVE, Research URL

CVE-2026-6072

Home page URL

Security reports for Oliver POS – A WooCommerce Point of Sale (POS)

Application

Oliver POS – A WooCommerce Point of Sale (POS)

Published on
May 20, 2026
Research Description
The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 2.4.2.6. The plugin protects its entire /wp-json/pos-bridge/* REST API namespace through the oliver_pos_rest_authentication() permission callback, which uses a loose PHP comparison (==) to compare the attacker-supplied 'OliverAuth' header value against the 'oliver_pos_authorization_token' option. On fresh installations where the admin has not yet completed the connection flow, this option is unset (get_option returns false). Due to PHP's type juggling, the loose comparison '0' == false evaluates to true, allowing an unauthenticated attacker to bypass authentication by sending 'OliverAuth: 0'. This grants full access to all POS API endpoints, enabling attackers to read user data (including administrator details), update user profiles (including email addresses), and delete non-admin users. An admin account email reset can lead to site takeover.
Affected versions
max 2.4.2.6.
Status
vulnerable
Previous vulnerability researches
Sell Digital Downloads (CVE-2025-22826) , Jan 11, 2025
New vulnerability
Infility Global (CVE-2026-8685) , May 23, 2026
Logo Manager For Enamad (CVE-2026-6549) , May 23, 2026
Sentence To SEO (keywords, description and tags) (CVE-2026-6391) , May 23, 2026
Oliver POS – A WooCommerce Point of Sale (POS) (CVE-2026-6072) , May 23, 2026
Amazon Scraper (CVE-2026-8419) , May 23, 2026