Description
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions issue vulnerability in the Inventory module. This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.
Remediation
References
Related Vulnerabilities
WordPress Plugin PHP Analytics Arbitrary File Upload (1.0.0.2)
Craft CMS Incorrect Authorization Vulnerability (CVE-2026-32267)
WordPress Plugin bbPress Multiple Vulnerabilities (2.6.4)
MySQL CVE-2016-3486 Vulnerability (CVE-2016-3486)
WordPress Plugin WooCommerce Product Feed Manager Security Bypass (2.2.3)