CVE-2025-11728
CVE-2025-11728 affects the Oceanpayment CreditCard Gateway plugin for WordPress (versions up to 6.0). The root cause is missing authentication and capability checks in the return_payment and notice_payment functions, allowing unauthenticated and unauthorized modification of data. The practical im...