CVE-2026-5459 | wedevs User Frontend Plugin up to 4.3.1 Payment Page payment_page user_id resource injection

SecurityVulns

A vulnerability labeled as critical has been found in wedevs User Frontend Plugin up to 4.3.1. The impacted element is the function payment_page of the component Payment Page. Executing a manipulation of the argument user_id can lead to improper control of resource identifiers.

The identification of this vulnerability is CVE-2026-5459. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More