CVE-2026-4663 | iPOSpays Gateways WC Plugin up to 1.3.7 on WordPress REST API Endpoint save_settings authorization

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability has been found in iPOSpays Gateways WC Plugin up to 1.3.7 on WordPress and classified as critical. Impacted is an unknown function of the file /wp-json/ipospays/v1/save_settings of the component REST API Endpoint. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2026-4663. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-4663 | iPOSpays Gateways WC Plugin up to 1.3.7 on WordPress REST API Endpoint save_settings authorization

Post correlati

CVE-2026-39360 | RustFS up to alpha.89 Multipart Upload authorization

CVE-2026-7461 | AWS Amazon ECS Agent up to 1.102.0 on Windows os command injection

CVE-2024-9710 | PostHog database_schema server-side request forgery (ZDI-24-1383)

CVE-2024-6501 | Network NetworkManager LLDP denial of service