CVE-2026-32372
Information Exposure in ShopBuilder Elementor WooCommerce Addons
Publication date: 2026-03-13
Last updated on: 2026-03-17
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| radius_theme | shopbuilder_elementor_woocommerce_builder_addons | to 3.2.4 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2026-32372 is a Sensitive Data Exposure vulnerability in the WordPress plugin "ShopBuilder β Elementor WooCommerce Builder Addons" versions up to and including 3.2.4.'}, {'type': 'paragraph', 'content': 'This vulnerability allows unauthenticated attackers to access sensitive information that is normally restricted from regular users.'}, {'type': 'paragraph', 'content': 'It falls under the OWASP Top 10 category A3: Sensitive Data Exposure and has a CVSS severity score of 5.3, indicating a low severity impact.'}] [1]
How can this vulnerability impact me? :
The vulnerability allows attackers with no privileges to retrieve embedded sensitive data from the affected plugin.
This exposure of sensitive system information could potentially enable further exploitation of other system weaknesses.
However, the impact is considered low severity and the vulnerability is unlikely to be exploited.
Users are advised to update to version 3.2.5 or later to mitigate the risk.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'To mitigate the vulnerability CVE-2026-32372 in the ShopBuilder β Elementor WooCommerce Builder Addons plugin, you should update the plugin to version 3.2.5 or later, where the issue has been patched.'}, {'type': 'paragraph', 'content': "Additionally, using mitigation services such as Patchstack's auto-updates for vulnerable plugins can help reduce the risk."}] [1]