The Payment Gateway Per Product for WooCommerce plugin for WordPress is at risk of being accessed by someone who is not authorized. This could happen because the plugin does not check for a certain capability on a function in versions 3.5.6 and below. This means that people who are not logged in could potentially do something they are not allowed to do.