Medium severity5.3NVD Advisory· Published Jan 23, 2026· Updated Apr 28, 2026

CVE-2026-24583

Description

Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SumUp Payment Gateway For WooCommerce: from n/a through <= 2.7.9.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Missing authorization in SumUp Payment Gateway for WooCommerce allows unauthenticated attackers to exploit access control flaws, potentially leading to unauthorized actions.

The SumUp Payment Gateway for WooCommerce plugin versions up to and including 2.7.9 contain a missing authorization vulnerability. This issue stems from improperly configured access control security levels, allowing functions to be executed without proper permission checks. The vulnerability is classified as a Broken Access Control issue, as noted in the Patchstack advisory [1].

References

Broken Access Control in WordPress SumUp Payment Gateway For WooCommerce Plugin

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

WordPress/Fomo Payment Gateway For Woocommercellm-fuzzy
Range: <=2.7.9
Package: https://wordpress.org/plugins/fomo-payment-gateway-for-woocommerce

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

patchstack.com/database/Wordpress/Plugin/sumup-payment-gateway-for-woocommerce/vulnerability/wordpress-sumup-payment-gateway-for-woocommerce-plugin-2-7-9-broken-access-control-vulnerabilitynvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000