2 matches found
CVE-2026-5050
The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 7.0.0 due to successfulrequest handlers calculating a local signature but not validating DsSignature from the request before...
CVE-2025-14078
The PAYGENT for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.4.6. This is due to missing authorization checks on the paygentcheckwebhook function combined with the paygentpermissioncallback function unconditionally returning true ...