2 matches found
CVE-2025-12903
The CVE-2025-12903 concerns the WordPress plugin Payment Plugins Braintree For WooCommerce. It affects all versions up to 3.2.78 and arises from a missing capability check on the REST endpoint wc-braintree/v1/3ds/vaulted_nonce, registered with permission_callback set to __return_true. This allows...
WordPress Payment Plugins Braintree For WooCommerce plugin <= 3.2.78 - Missing Authorization to Payment Token Exposure and Transaction Fraud vulnerability
Missing Authorization to Payment Token Exposure and Transaction Fraud vulnerability discovered by M Indra Purnama type5afe in WordPress Plugin Payment Plugins Braintree For WooCommerce versions = 3.2.78...