CVE-2025-15512 Aplazo Payment Gateway <= 1.4.2 - Missing Authorization to Unauthenticated Order Status Manipulation

The Aplazo Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checksuccessresponse function in all versions up to, and including, 1.4.2. This makes it possible for unauthenticated attackers to set any WooCommerce order ...

EUVD-2026-2528

The Aplazo Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checksuccessresponse function in all versions up to, and including, 1.4.2. This makes it possible for unauthenticated attackers to set any WooCommerce order ...

CVE-2025-15512 Aplazo Payment Gateway <= 1.4.3 - Missing Authorization to Unauthenticated Order Status Manipulation

The Aplazo Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checksuccessresponse function in all versions up to, and including, 1.4.3. This makes it possible for unauthenticated attackers to set any WooCommerce order ...

WordPress plugin Aplazo Payment Gateway 安全漏洞

WordPress Aplazo Payment Gateway plugin is a payment gateway plugin for WooCommerce stores that allows customers to choose "buy now, pay later" payment method at the time of purchase. A lack of privileges vulnerability exists in WordPress Aplazo Payment Gateway plugin, which can be exploited by a...