Plugin Oficial – Getnet para WooCommerce <= 1.8.0 - Cross-Site Scripting

The Plugin Oficial – Getnet para WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on the 'page' parameter. This makes it possible for unauthenticated attackers to...

EUVD-2023-44182

Malicious code in bioql PyPI...

WordPress Plugin Oficial – Getnet para WooCommerce plugin < 1.8.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Plugin Oficial – Getnet para WooCommerce versions 1.8.1...

WordPress Plugin Oficial – Getnet para WooCommerce plugin < 1.8.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Plugin Oficial – Getnet para WooCommerce versions 1.8.1...

CVE-2025-1303 Plugin Oficial – Getnet para WooCommerce <= 1.7.3 - Unauthenticated Reflected XSS

The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

CVE-2025-30906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lisandragetnet Plugin Oficial – Getnet para WooCommerce wc-checkout-getnet allows Reflected XSS.This issue affects Plugin Oficial – Getnet para WooCommerce: from n/a through = 1.7.3...

CVE-2025-30906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lisandragetnet Plugin Oficial – Getnet para WooCommerce wc-checkout-getnet allows Reflected XSS.This issue affects Plugin Oficial – Getnet para WooCommerce: from n/a through = 1.7.3...

CVE-2025-30906

CVE-2025-30906 : Reflected Cross-Site Scripting in the WordPress plugin “Plugin Oficial – Getnet para WooCommerce”; affected versions are up to 1.7.3 (no vendor versioning details provided). Patch status is listed as Patched in referenced sources.

CVE-2025-30906 WordPress Plugin Oficial – Getnet para WooCommerce plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lisandragetnet Plugin Oficial – Getnet para WooCommerce wc-checkout-getnet allows Reflected XSS.This issue affects Plugin Oficial – Getnet para WooCommerce: from n/a through = 1.7.3...

CVE-2025-30906 WordPress Plugin Oficial – Getnet para WooCommerce plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lisandragetnet Plugin Oficial – Getnet para WooCommerce wc-checkout-getnet allows Reflected XSS.This issue affects Plugin Oficial – Getnet para WooCommerce: from n/a through = 1.7.3...

WordPress Plugin Oficial – Getnet para WooCommerce plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Plugin Oficial – Getnet para WooCommerce versions = 1.7.3...

WordPress plugin Plugin Oficial – Getnet para WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Plugin Oficial - Getnet para...

PT-2025-14400 · Woocommerce · Plugin Oficial – Getnet Para Woocommerce

Name of the Vulnerable Software and Affected Versions: Plugin Oficial – Getnet para WooCommerce versions 1.7.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS...

CVE-2023-3525

The Getnet Argentina para Woocommerce plugin for WordPress is vulnerable to authorization bypass due to missing validation on the 'webhook' function in versions up to, and including, 0.0.4. This makes it possible for unauthenticated attackers to set their payment status to 'APPROVED' without...

CVE-2023-3525

The Getnet Argentina para Woocommerce plugin for WordPress is vulnerable to authorization bypass due to missing validation on the 'webhook' function in versions up to, and including, 0.0.4. This makes it possible for unauthenticated attackers to set their payment status to 'APPROVED' without...

Authorization

The Getnet Argentina para Woocommerce plugin for WordPress is vulnerable to authorization bypass due to missing validation on the 'webhook' function in versions up to, and including, 0.0.4. This makes it possible for unauthenticated attackers to set their payment status to 'APPROVED' without...

CVE-2023-3525

CVE-2023-3525 affects the WordPress plugin Getnet Argentina para Woocommerce. The issue is authorization bypass caused by missing validation in the webhook function, allowing unauthenticated attackers to set a payment status to APPROVED without payment in versions up to and including 0.0.4. The v...

CVE-2023-3525

The Getnet Argentina para Woocommerce plugin for WordPress is vulnerable to authorization bypass due to missing validation on the 'webhook' function in versions up to, and including, 0.0.4. This makes it possible for unauthenticated attackers to set their payment status to 'APPROVED' without...

CVE-2023-3525

The Getnet Argentina para Woocommerce plugin for WordPress is vulnerable to authorization bypass due to missing validation on the 'webhook' function in versions up to, and including, 0.0.4. This makes it possible for unauthenticated attackers to set their payment status to 'APPROVED' without...

PT-2023-25198 · WordPress · Getnet Argentina Para Woocommerce

Name of the Vulnerable Software and Affected Versions: Getnet Argentina para Woocommerce plugin for WordPress versions up to, and including, 0.0.4 Description: The issue is related to authorization bypass due to missing validation on the webhook function. This allows unauthenticated attackers to...