WP EasyPay Missing Authorization Allows Unintended Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.4

WP EasyPay Missing Authorization Allows Unintended Access

CVE-2026-32587

Summary

WP EasyPay, a plugin used for payment processing, has a security issue that allows unauthorized users to access sensitive features. This affects versions 1 through 4.2.11. To fix, update to version 4.2.12 or later to ensure proper access controls are in place.

Original title

Missing Authorization vulnerability in Saad Iqbal WP EasyPay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through 4.2.11.

Original description

Missing Authorization vulnerability in Saad Iqbal WP EasyPay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through 4.2.11.

nvd CVSS3.1 5.4

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/wordpress/plugin/wp-easy-pay/vulnerability/wordp...

Published: 16 Mar 2026 · Updated: 16 Mar 2026 · First seen: 16 Mar 2026