PT-2026-57411 · WordPress · Terawallet – For Woocommerce
Mitchell
·
Published
2026-07-11
·
Updated
2026-07-11
·
CVE-2026-12103
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Wallet for WooCommerce versions prior to 1.6.5
Description
An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attackers with subscriber-level access or higher can enumerate the login name, email address, and user ID of all WordPress accounts, including administrators. This is achieved by submitting arbitrary search terms to the AJAX handler. The required
search-user nonce is localized within the wallet param object on the standard WooCommerce My Account page, which is accessible to any authenticated user.Recommendations
Update Wallet for WooCommerce to version 1.6.5 or later.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Terawallet – For Woocommerce