3 matches found
CVE-2025-6729
CVE-2025-6729 (PayMaster for WooCommerce) is an authenticated SSRF vulnerability in WordPress PayMaster for WooCommerce plugin, affecting all versions up to and including 0.4.31. An attacker with Subscriber-level access or higher can abuse the wp_ajax_paym_status AJAX action to make web requests ...
CVE-2025-6729 PayMaster for WooCommerce <= 0.4.31 - Authenticated (Subscriber+) Server-Side Request Forgery
The PayMaster for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.4.31 via the 'wpajaxpaymstatus' AJAX action This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to...
WordPress PayMaster for WooCommerce plugin <= 0.4.31 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by Poli in WordPress Plugin PayMaster for WooCommerce versions = 0.4.31...