4 matches found
PT-2026-5879
Name of the Vulnerable Software and Affected Versions Xendit Payment plugin for WordPress versions up to and including 6.0.2 Description The Xendit Payment plugin for WordPress is susceptible to unauthorized modification of order statuses. This occurs because the plugin exposes a publicly...
CVE-2025-15512
The CVE-2025-15512 entry describes a vulnerability in the WordPress Aplazo Payment Gateway plugin (versions up to and including 1.4.2) where a missing capability check in check_success_response() allows unauthenticated attackers to modify any WooCommerce order to the pending payment status. Multi...
PT-2026-1636
Name of the Vulnerable Software and Affected Versions Piraeus Bank WooCommerce Payment Gateway plugin for WordPress versions through 3.1.4 Description The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is susceptible to unauthorized modification of order statuses. This is a result ...
WordPress WooCommerce GloBee Payment Gateway 1.1.1 Bypass / Spoofing
?php Exploit Title: WordPress WooCommerce - GloBee cryptocurrency Payment Gateway Plugin Payment Bypass / Unauthorized Order Status Spoofing Discovery Date: 14.12.2018 Public Disclosure Date: 14.02.2019 Exploit Author: GeekHack Contact: https://t.me/GeekHack Vendor Homepage: https://globee.com/...