The Wallet for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.6.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to enumerate the login name, email address, and user ID of all WordPress accounts — including administrators — by submitting arbitrary search terms to the AJAX handler. The required 'search-user' nonce is localized into the wallet_param object on the standard WooCommerce My Account page, which is accessible to any authenticated user, making it trivially obtainable by a Subscriber.
Metrics
Affected Vendors & Products
References
History
Sat, 11 Jul 2026 07:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Subratamal
Subratamal wallet For Woocommerce Wordpress Wordpress wordpress |
|
| Vendors & Products |
Subratamal
Subratamal wallet For Woocommerce Wordpress Wordpress wordpress |
Sat, 11 Jul 2026 06:30:00 +0000
Status: PUBLISHED
Assigner: Wordfence
Published:
Updated: 2026-07-11T05:35:49.340Z
Reserved: 2026-06-12T14:28:14.643Z
Link: CVE-2026-12103
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-11T07:30:03Z