EUVD-2026-33947

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

CVE-2025-14450

The CVE CVE-2025-14450 affects Wallet System for WooCommerce (WordPress) where a missing capability check in change_wallet_fund_request_status_callback allowed authenticated users with Subscriber+ privileges to modify wallet withdrawal requests and arbitrarily alter balances in versions up to 2.7...

CVE-2025-68029

Insertion of Sensitive Information Into Sent Data vulnerability in WP Swings Wallet System for WooCommerce wallet-system-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Wallet System for WooCommerce: from n/a through = 2.7.3...

CVE-2025-54041

CVE-2025-54041 describes a Cross-Site Request Forgery (CSRF) flaw in the Wallet System for WooCommerce plugin. Affected software: Wallet System for WooCommerce, versions n/a through 2.6.7. Root cause and impact are stated as CSRF allowing an attacker to induce actions on behalf of an authenticate...

CVE-2025-32530 WordPress Wallet System for WooCommerce plugin <= 2.6.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Wallet System for WooCommerce wallet-system-for-woocommerce allows Reflected XSS.This issue affects Wallet System for WooCommerce: from n/a through = 2.6.8...

WordPress plugin Wallet System for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...