Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Knitpay WooCommerce Payments Missing Access Control
CVE-2025-67969
Summary
The Knitpay WooCommerce payment plugin has a security weakness that allows unauthorized users to access certain features. If not configured correctly, this could lead to sensitive information being accessed or altered. Update the plugin to the latest version to fix this issue.
Original title
Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Level...
Original description
Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPI QR Code Payment Gateway for WooCommerce: from n/a through <= 1.5.1.
nvd CVSS3.1
6.5
Vulnerability type
CWE-862
Missing Authorization
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026