Security Advisory
CVE-2026-25419
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Missing Authorization vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpsellWP: from n/a through <= 2.2.5.