Lucene search
K

67 matches found

NVD
NVD
added 3 days ago8 views

CVE-2026-57332

Subscriber Broken Access Control in Wallet System for WooCommerce = 2.7.6 versions...

7.1CVSS0.00256EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-40103

Subscriber Broken Access Control in Wallet System for WooCommerce = 2.7.6 versions...

7.1CVSS5.8AI score0.00256EPSS
Exploits0References1
CVE
CVE
added 3 days ago9 views

CVE-2026-57332

The CVE affects the WordPress Wallet System for WooCommerce plugin, specifically versions

7.1CVSS5.8AI score0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-57332 WordPress Wallet System for WooCommerce plugin <= 2.7.6 - Broken Access Control vulnerability

Subscriber Broken Access Control in Wallet System for WooCommerce = 2.7.6 versions...

7.1CVSS0.00256EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-53293

Name of the Vulnerable Software and Affected Versions Wallet System for WooCommerce versions prior to 2.7.7 Description Broken access control allows users with the Subscriber role to perform unauthorized actions within the system. Recommendations Update Wallet System for WooCommerce to version...

7.1CVSS5.8AI score0.00256EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.8 views

CVE-2026-42654

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

7.1CVSS5.4AI score0.00207EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 4:16 p.m.14 views

CVE-2026-42654

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

7.1CVSS0.00207EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 2:48 p.m.9 views

CVE-2026-42654

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

7.1CVSS5.8AI score0.00207EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 2:48 p.m.9 views

CVE-2026-42654 WordPress Wallet System for WooCommerce plugin <= 2.7.5 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

7.1CVSS5.8AI score0.00207EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 2:48 p.m.12 views

CVE-2026-42654

CVE-2026-42654 affects the WordPress Wallet System for WooCommerce plugin (versions up to 2.7.5). The vulnerability is an authentication bypass via an alternate path or channel that enables password recovery exploitation. This is described as a broken authentication vulnerability and specifically...

7.1CVSS5.8AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 2:48 p.m.34 views

CVE-2026-42654 WordPress Wallet System for WooCommerce plugin <= 2.7.5 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

7.1CVSS0.00207EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 2:48 p.m.10 views

EUVD-2026-33947

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

7.1CVSS5.8AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

WordPress plugin Wallet System for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.1CVSS5.5AI score0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.14 views

PT-2026-45780

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

7.1CVSS5.8AI score0.00207EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/29 2:26 p.m.6 views

WordPress Wallet System for WooCommerce plugin <= 2.7.5 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Jakub Herman in WordPress Plugin Wallet System for WooCommerce versions = 2.7.5...

5.8AI score0.00207EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/19 8:14 a.m.6 views

WordPress Wallet System for WooCommerce plugin <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wallet Balance Manipulation vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Wallet Balance Manipulation vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Wallet System for WooCommerce versions = 2.7.2...

6.5CVSS5.5AI score0.00214EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/18 2:26 a.m.7 views

CVE-2025-14450

The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'changewalletfundrequeststatuscallback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with...

6.5CVSS5.1AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2026/01/17 3:16 a.m.18 views

CVE-2025-14450

The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'changewalletfundrequeststatuscallback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with...

6.5CVSS0.00214EPSS
Exploits0References4
CVE
CVE
added 2026/01/17 2:22 a.m.19 views

CVE-2025-14450

The CVE CVE-2025-14450 affects Wallet System for WooCommerce (WordPress) where a missing capability check in change_wallet_fund_request_status_callback allowed authenticated users with Subscriber+ privileges to modify wallet withdrawal requests and arbitrarily alter balances in versions up to 2.7...

6.5CVSS4.7AI score0.00214EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/17 2:22 a.m.2 views

CVE-2025-14450 Wallet System for WooCommerce <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wallet Balance Manipulation

The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'changewalletfundrequeststatuscallback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with...

6.5CVSS5.5AI score0.00214EPSS
Exploits0References4
Rows per page
Query Builder