1. Critical Unpatched Authorization Flaw in InfusedWoo Pro Exposes WordPress Sites to Unauthenticated Data Deletion
A critical missing authorization vulnerability has been identified in InfusedWoo Pro, a WordPress plugin widely used for integrating WooCommerce with the Infusionsoft CRM platform. Tracked as CVE-2026-6512 and classified under CWE-862 (Missing Authorization), the flaw affects all versions up to and including 5.1.2. The...