A vulnerability classified as critical was found in WebToffee Smart Coupons for WooCommerce Plugin up to 2.2.x on WordPress. This affects an unknown function. Such manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2026-45438 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.