9 matches found
CVE-2026-2592
The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callback handler 'ReturnfromZarinPalGateway' failing to validate that the authority token provided in...
WordPress Zarinpal Gateway for WooCommerce plugin <= 5.0.16 - Improper Access Control to Payment Status Update vulnerability
Improper Access Control to Payment Status Update vulnerability discovered by shark3y in WordPress Plugin Zarinpal Gateway versions = 5.0.16...
CVE-2026-2592
The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callback handler 'ReturnfromZarinPalGateway' failing to validate that the authority token provided in...
CVE-2026-2592
The CVE concerns the Zarinpal Gateway for WooCommerce plugin for WordPress, affecting all versions up to 5.0.16. The issue is Improper Access Control to Payment Status Update caused by the payment callback handler (Return_from_ZarinPal_Gateway) not validating that the authority token in the callb...
CVE-2026-2592 Zarinpal Gateway for WooCommerce <= 5.0.16 - Improper Access Control to Payment Status Update
The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callback handler 'ReturnfromZarinPalGateway' failing to validate that the authority token provided in...
CVE-2026-2592
The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callback handler 'ReturnfromZarinPalGateway' failing to validate that the authority token provided in...
CVE-2026-2592 Zarinpal Gateway for WooCommerce <= 5.0.16 - Improper Access Control to Payment Status Update
The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callback handler 'ReturnfromZarinPalGateway' failing to validate that the authority token provided in...
PT-2026-8397
Name of the Vulnerable Software and Affected Versions Zarinpal Gateway for WooCommerce plugin versions prior to 5.0.17 Description The Zarinpal Gateway for WooCommerce plugin for WordPress has an issue with Improper Access Control to Payment Status Update. The payment callback handler Return from...
WordPress plugin Zarinpal Gateway for WooCommerce 访问控制错误漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...