9 matches found
Yoco Payments <= 3.8.8 - Path Traversal
Yoco Payments WordPress plugin = 3.8.8 contains a path traversal caused by improper validation of the file parameter, letting unauthenticated attackers read arbitrary files on the server. id: CVE-2025-13801 info: name: Yoco Payments = 3.8.8 - Path Traversal author: 0xAkoko severity: high...
CVE-2025-13801
The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via the file parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2025-13801
The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via the file parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2025-13801 Yoco Payments <= 3.9.0 - Unauthenticated Arbitrary File Read
The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via the file parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2025-13801 Yoco Payments <= 3.9.0 - Unauthenticated Arbitrary File Read
The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via the file parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...
CVE-2025-13801
CVE-2025-13801 : The WordPress Yoco Payments plugin is vulnerable to path traversal in the file parameter in versions up to 3.8.8 (per Initial Description). Wordfence’s WordPress Vulnerability Report confirms the issue as present in Yoco Payments <= 3.9.0, enabling unauthenticated attackers to...
WordPress Yoco Payments plugin <= 3.8.8 - Unauthenticated Arbitrary File Read vulnerability
Unauthenticated Arbitrary File Read vulnerability discovered by NumeX in WordPress Plugin Yoco Payments versions = 3.8.8...
WordPress plugin Yoco Payments 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A path...
PT-2026-1606
Name of the Vulnerable Software and Affected Versions Yoco Payments plugin for WordPress versions through 3.8.8 Description The Yoco Payments plugin for WordPress is susceptible to a Path Traversal issue. This allows unauthenticated attackers to read arbitrary files on the server, potentially...