WordPress Aplazo Payment Gateway plugin <= 1.4.2 - Missing Authorization to Unauthenticated Order Status Manipulation vulnerability

Missing Authorization to Unauthenticated Order Status Manipulation vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Aplazo Payment Gateway versions = 1.4.2...

PT-2025-49345

The Helloprint plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.2. This is due to the plugin registering a public REST API endpoint without implementing authorization checks to verify request authenticity. This makes it possible for unauthenticated...

WordPress Oceanpayment CreditCard Gateway plugin <= 6.0 - Missing Authentication to Unauthenticated Order Status Update vulnerability

Missing Authentication to Unauthenticated Order Status Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Oceanpayment CreditCard Gateway versions = 6.0...

WordPress WooCommerce plugin < 9.4.3 - Unauthenticated Order Creation vulnerability

Unauthenticated Order Creation vulnerability discovered by Laszlo in WordPress Plugin WooCommerce versions 9.4.3...