ANYONE CAN STEAL ETH THROUGH METHODS IN Payment.sol
Lines of code Vulnerability details Impact In Payment.sol contract, there is no access control on unwrapWETH, sweepToken and refundETH. So anyone can call these method to steal the Eth. Proof of Concept File: src/periphery/Payment.sol function unwrapWETHuint256 amountMinimum, address recipient...