CVE-2026-2892 - Otter Blocks <= 3.1.4 - Improper Authorization to Unauthenticated Purchase Verification Bypass via Forged Cookie
CVE ID :CVE-2026-2892 Published : April 30, 2026, 2:16 p.m. | 25 minutes ago Description :The Otter Blocks plugin for WordPress is vulnerable to Purchase Verification Bypass in all versions up to, and including, 3.1.4. This is due to the 'get_customer_data' method relying on an unsigned 'o_str
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] IDF major charged with aiding enemy, taking bribe in alleged Gaza smuggling scheme
- [CYBER] We scanned 100 Smithery MCP servers and 22 came back with security findings
- [CYBER] Target-date retirement funds are more popular than ever. Critics say you can do better.
- [CYBER] Researchers discover new all-in-one ‘Bluekit’ phishing kit capable of bypassing enterprise 2FA protocols and emulating 40+ global brands
- [CYBER] CVE-2026-31431 eBPF fix
- [CYBER] Two new extortion crews are speedrunning the Scattered Spider playbook