Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/01/17 7:15 a.m.6 views

CVE-2026-0939

The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possibl...

5.3CVSS5.9AI score0.00148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/17 7:15 a.m.8 views

CVE-2026-0942

The Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clearOrderLogs function in all versions up to, and including, 5.1.5. This makes it possible for unauthenticated...

5.3CVSS5.9AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 7:15 a.m.7 views

CVE-2026-0942

The Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clearOrderLogs function in all versions up to, and including, 5.1.5. This makes it possible for unauthenticated...

5.3CVSS0.0029EPSS
Exploits0References3
NVD
NVD
added 2026/01/16 7:15 a.m.8 views

CVE-2026-0939

The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possibl...

5.3CVSS0.00148EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/16 6:43 a.m.25 views

CVE-2026-0939 Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit <= 5.1.2 - Unauthenticated Order Status Manipulation

The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possibl...

5.3CVSS0.00148EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/16 6:43 a.m.28 views

CVE-2026-0942 Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit <= 5.1.5 - Missing Authorization to Unauthenticated Rede Order Logs Deletion

The Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clearOrderLogs function in all versions up to, and including, 5.1.5. This makes it possible for unauthenticated...

5.3CVSS0.0029EPSS
Exploits0References3
CVE
CVE
added 2026/01/16 6:43 a.m.16 views

CVE-2026-0939

CVE-2026-0939 (Rede Itaú for WooCommerce) : The WordPress plugin is vulnerable to unauthenticated order status manipulation due to insufficient verification of payment callback authenticity in all versions up to 5.1.2. This allows attackers to mark orders as paid/failed without authentication. Ex...

5.3CVSS5.6AI score0.00148EPSS
Exploits0References5
CVE
CVE
added 2026/01/16 6:43 a.m.17 views

CVE-2026-0942

The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in clearOrderLogs(), affecting all versions up to 5.1.2. Unauthenticated attackers could delete Rede Order Logs metadata from WooCommerce orders. A fix exists in...

5.3CVSS5.9AI score0.0029EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/16 6:43 a.m.4 views

CVE-2026-0942

The Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clearOrderLogs function in all versions up to, and including, 5.1.2. This makes it possible for unauthenticated...

5.3CVSS5.3AI score0.0029EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.5 views

WordPress plugin Rede Itaú for WooCommerce: Access control error vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.8AI score0.0029EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

WordPress plugin Rede Itaú for WooCommerce has a vulnerability related to data manipulation.

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.7AI score0.00148EPSS
Exploits0References5
Rows per page
Query Builder