Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/11/13 9:8 a.m.7 views

CVE-2025-12903

The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...

7.5CVSS5.3AI score0.0041EPSS
Exploits0References1
NVD
NVD
added 2025/11/12 9:15 a.m.6 views

CVE-2025-12903

The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...

7.5CVSS0.0041EPSS
Exploits0References6
EUVD
EUVD
added 2025/11/12 8:28 a.m.7 views

EUVD-2025-119984

The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...

7.5CVSS5AI score0.0041EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/11/12 8:28 a.m.4 views

CVE-2025-12903 Payment Plugins Braintree For WooCommerce <= 3.2.78 - Missing Authorization to Payment Token Exposure and Transaction Fraud

The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...

7.5CVSS4.9AI score0.0041EPSS
Exploits0References6
CVE
CVE
added 2025/11/12 8:28 a.m.30 views

CVE-2025-12903

The CVE-2025-12903 concerns the WordPress plugin Payment Plugins Braintree For WooCommerce. It affects all versions up to 3.2.78 and arises from a missing capability check on the REST endpoint wc-braintree/v1/3ds/vaulted_nonce, registered with permission_callback set to __return_true. This allows...

7.5CVSS4.9AI score0.0041EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.4 views

PT-2025-46580

Name of the Vulnerable Software and Affected Versions Braintree For WooCommerce versions up to and including 3.2.78 Description The Payment Plugins Braintree For WooCommerce plugin for WordPress is susceptible to authorization bypass. This is caused by a missing capability check on the...

7.5CVSS6AI score0.0041EPSS
Exploits0References9
Rows per page
Query Builder