CVE-2026-1722 | WCFM Marketplace Plugin up to 3.7.0 on WordPress Refund Request Creation resource injection

Full Article URL: https://vuldb.com/?id.345047
Textarea URL (this page): <a href="https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxNTAxBwCQOAj2_2026-02-09">https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxNTAxBwCQOAj2_2026-02-09
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2026-02-09 21:39:43
Last retrieval: 2026-02-09 20:46:16.798343

21:39 - 09 Feb 2026

vuldb.com

A vulnerability, which was classified as problematic, was found in WCFM Marketplace Plugin up to 3.7.0 on WordPress. This impacts an unknown function of the component Refund Request Creation Handler. Executing a manipulation can lead to improper control of resource identifiers. This vulnerability is handled as CVE-2026-1722. The attack can be executed remotely. There is not any exploit available.

https://vuldb.com/?id.345047

Article info: