2 matches found
CVE-2026-10628
The CVE concerns the WordPress plugin Points and Rewards for WooCommerce (affected: all versions up to 2.10.0). It describes an authorization bypass in which authenticated users with subscriber-level access and above can perform arbitrary modifications via multiple AJAX actions. Core implications...
Logic Design Vulnerability in Smart Fruit Content Payment System v2.0.0
Jigo Content Payment System is a professional content payment system for enterprise customers. A logical design vulnerability exists in Jigo Content Payment System v2.0.0. The vulnerability is due to improper handling of user input in the frontend, which can be exploited by an attacker to modify...