CVE-2026-12738 | saadiqbal WP Easy Pay Plugin up to 4.5.0 on WordPress Authorization Status authorization
A vulnerability marked as critical has been reported in saadiqbal WP Easy Pay Plugin up to 4.5.0 on WordPress. This affects an unknown function of the component Authorization. The manipulation of the argument Status leads to authorization bypass.
This vulnerability is traded as CVE-2026-12738. It is possible to initiate the attack remotely. There is no exploit available.