Skip to main content

Upi Qr Code Payment Gateway For Woocommerce

1 CVEs product

Monthly

CVE-2026-56023 MEDIUM This Month

Broken Access Control in the UPI QR Code Payment Gateway for WooCommerce plugin (versions <= 1.6.2) allows authenticated low-privilege WordPress users to perform actions or access endpoints reserved for higher-privileged roles, resulting in unauthorized modification of payment data or disruption of payment processing. The flaw, rooted in missing authorization checks (CWE-862), was disclosed by Patchstack and affects sites running WooCommerce with this Knit Pay plugin installed. No public exploit code has been identified at time of analysis, and it has not been confirmed as actively exploited.

Authentication Bypass WordPress Upi Qr Code Payment Gateway For Woocommerce
NVD
CVSS 3.1
5.4
EPSS
0.2%
EPSS 0% CVSS 5.4
MEDIUM This Month

Broken Access Control in the UPI QR Code Payment Gateway for WooCommerce plugin (versions <= 1.6.2) allows authenticated low-privilege WordPress users to perform actions or access endpoints reserved for higher-privileged roles, resulting in unauthorized modification of payment data or disruption of payment processing. The flaw, rooted in missing authorization checks (CWE-862), was disclosed by Patchstack and affects sites running WooCommerce with this Knit Pay plugin installed. No public exploit code has been identified at time of analysis, and it has not been confirmed as actively exploited.

Authentication Bypass WordPress Upi Qr Code Payment Gateway For Woocommerce
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy