A vulnerability was found in dornaweb Product Specifications for Woocommerce Plugin up to 0.8.9 on WordPress and classified as critical . Affected by this vulnerability is the function __invoke of the component AJAX Action Handler . Such manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2026-11364 . The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.