CVE Catalog
CVE-2026-57332
HighCVSS 7.1Summary
The Wallet System for WooCommerce plugin version 2.7.6 and earlier contains a broken access control vulnerability for subscribers. This allows users with the subscriber role to perform operations they should not be authorized for.
Risk Assessment
The risk involves potential unauthorized access to wallet functions by subscribers, which could lead to data integrity breaches and unauthorized transactions.
Recommendation
It is recommended to immediately update the Wallet System for WooCommerce plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.

