CVE-2026-1128
The CVE describes a CSRF vulnerability in the WP eCommerce WordPress plugin up to version 3.15.1, where no CSRF check is performed when deleting coupons. Root cause: absence of CSRF protection in the coupon deletion flow. Affected software: WordPress plugin WP eCommerce (versions ≤ 3.15.1). Impac...