CVE-2026-7655 | SureCart Plugin up to 4.2.3 on WordPress Profile Synchronization email improper synchronization
A vulnerability was found in SureCart Plugin up to 4.2.3 on WordPress and classified as critical. Affected by this issue is some unknown functionality of the component Profile Synchronization. Executing a manipulation of the argument email can lead to improper synchronization.
This vulnerability is tracked as CVE-2026-7655. The attack can be launched remotely. No exploit exists.