3 matches found
CVE-2025-31032
CVE-2025-31032 affects the Pagopar – WooCommerce Gateway (WordPress plugin) and is described as a Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in versions up to 2.7.1. The CVSS score is 7.1 (HIGH) with network attack vector, no privileges, user interaction requir...
CVE-2025-31032 WordPress Pagopar – WooCommerce Gateway plugin <= 2.7.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Pagopar - Grupo M S.A. Pagopar – WooCommerce Gateway pagopar-woocommerce-gateway allows Stored XSS.This issue affects Pagopar – WooCommerce Gateway: from n/a through = 2.7.1...
PT-2025-15731 · Woocommerce · Pagopar – Woocommerce Gateway
Name of the Vulnerable Software and Affected Versions: Pagopar - Grupo M S.A. Pagopar – WooCommerce Gateway versions through 2.7.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability and Stored XSS in Pagopar – WooCommerce Gateway. Recommendations: For versions...