CVE-2026-6372
HIGHWordPress Accept Cryptocurrencies with Plisio plugin <= 2.0.5 - Payment Bypass vulnerability
Title source: cnaDescription
Missing Authorization vulnerability in Plisio Accept Cryptocurrencies with Plisio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept Cryptocurrencies with Plisio: from n/a through 2.0.5.
Scores
CVSS v3
7.5
EPSS
0.0004
EPSS Percentile
11.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-862
Status
published
Products (1)
Plisio/Accept Cryptocurrencies with Plisio
< 2.0.5
Published
Apr 15, 2026
Tracked Since
Apr 15, 2026