5 matches found
CVE-2025-14880
The Netcash WooCommerce Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handlereturnurl function in all versions up to, and including, 4.1.3. This makes it possible for unauthenticated attackers to mark any WooCommer...
CVE-2025-14880 Netcash WooCommerce Payment Gateway <= 4.1.3 - Missing Authorization to Unauthenticated Order Status Modification
The Netcash WooCommerce Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handlereturnurl function in all versions up to, and including, 4.1.3. This makes it possible for unauthenticated attackers to mark any WooCommer...
CVE-2025-14880
CVE-2025-14880 concerns the Netcash WooCommerce Payment Gateway plugin for WordPress. The vulnerability arises from a missing capability check in the handle_return_url function, present in all versions up to and including 4.1.3, enabling unauthenticated attackers to modify data and mark WooCommer...
CVE-2025-14880 Netcash WooCommerce Payment Gateway <= 4.1.3 - Missing Authorization to Unauthenticated Order Status Modification
The Netcash WooCommerce Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handlereturnurl function in all versions up to, and including, 4.1.3. This makes it possible for unauthenticated attackers to mark any WooCommer...
WordPress Netcash WooCommerce Payment Gateway plugin <= 4.1.3 - Missing Authorization to Unauthenticated Order Status Modification vulnerability
Missing Authorization to Unauthenticated Order Status Modification vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Netcash WooCommerce Payment Gateway versions = 4.1.3...