Sensitive Data Exposure in Wallet System for WooCommerce by WP Swings
CVE-2025-68029
6.3MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 5 January 2026
What is CVE-2025-68029?
The Wallet System for WooCommerce by WP Swings has a vulnerability that allows for the retrieval of embedded sensitive data. This flaw can lead to unintended exposure of critical information, potentially compromising user privacy and security. The affected versions range from an unspecified release to 2.7.2. Users are encouraged to evaluate their security measures and update to the latest versions to mitigate potential risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Wallet System for WooCommerce <= 2.7.2
References
CVSS V3.1
Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Denver Jackson | Patchstack Bug Bounty Program