Woocommerce Smart Coupons
Approved changes feed: RSS · Atom
cpe:2.3:a:woocommerce:woocommerce_smart_coupons:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Woocommerce (c7b0e075-8e70-51f0-86a8-e45639512f20) |
|---|---|
| Product | Woocommerce Smart Coupons (7b5082fd-357a-565c-b069-c1f64f6d68b2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-36841 |
vulnerable | 2026-06-03 14:42:40.025867 |
WooCommerce Smart Coupons <= 4.6.0 - Unauthenticated Coupon Creation
MEDIUM (5.3)
The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the woocommerce_coupon_admin_init function in versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to send themselves gift certificates of any value, which could be redeemed for products sold on the victim’s storefront.
Published: 2024-10-16T12:45:52.256Z
Updated: 2026-04-08T17:31:51.771Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.