CVE-2026-12103 - Wallet for WooCommerce <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) User/Email Enumeration via terawallet_export_user_search AJAX Action
CVE ID :CVE-2026-12103
Published : July 11, 2026, 5:35 a.m. | 1 hour, 10 minutes ago
Description :The Wallet for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.6.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to enumerate the login name, email address, and user ID of all WordPress accounts — including administrators — by submitting arbitrary search terms to the AJAX handler. The required 'search-user' nonce is localized into the wallet_param object on the standard WooCommerce My Account page, which is accessible to any authenticated user, making it trivially obtainable by a Subscriber.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 11, 2026, 5:35 a.m. | 1 hour, 10 minutes ago
Description :The Wallet for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.6.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to enumerate the login name, email address, and user ID of all WordPress accounts — including administrators — by submitting arbitrary search terms to the AJAX handler. The required 'search-user' nonce is localized into the wallet_param object on the standard WooCommerce My Account page, which is accessible to any authenticated user, making it trivially obtainable by a Subscriber.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...