Terawallet Security Vulnerabilities and Issues — Terawallet CVE List

Lucene search

StandalonetechTerawallet

3 matches found

CVE•added 2022/11/29 9:15 p.m.•44 views

CVE-2022-3995

The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lock_unlock_terawallet AJAX action. This makes it possible for authenticated attackers, with subscr...

4.3CVSS4.3AI score0.0005EPSS

CVE•added 2024/03/13 4:15 p.m.•30 views

CVE-2024-1690

The TeraWallet – Best WooCommerce Wallet System With Cashback Rewards, Partial Payment, Wallet Refunds plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the terawallet_export_user_search() function in all versions up to, and including, 1.4.10. Th...

4.3CVSS5.2AI score0.00207EPSS

CVE•added 2023/03/01 2:15 p.m.•27 views

CVE-2022-40198

Cross-Site Request Forgery (CSRF) vulnerability in StandaloneTech TeraWallet – For WooCommerce plugin

4.3CVSS5.1AI score0.00056EPSS