CVE-2026-42654 | WP Swings Wallet System for WooCommerce Plugin up to 2.7.5 on WordPress authentication bypass

Inserito da Angelo Barbosa | Giu 2, 2026 | CVE

A vulnerability was found in WP Swings Wallet System for WooCommerce Plugin up to 2.7.5 on WordPress and classified as critical. This affects an unknown function. The manipulation results in authentication bypass using alternate channel.

This vulnerability is known as CVE-2026-42654. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-42654 | WP Swings Wallet System for WooCommerce Plugin up to 2.7.5 on WordPress authentication bypass

Post correlati

CVE-2024-39573 | Apache HTTP Server up to 2.4.59 mod_rewrite server-side request forgery

CVE-2025-23872 | PayForm Plugin up to 2.0 on WordPress cross-site request forgery

CVE-2024-23941 | Intermesh Group Office up to 6.6.181/6.7.63/6.8.30 cross site scripting

CVE-2024-10962 | WPvivid Plugin up to 0.9.107 on WordPress code injection