Filtered by vendor Payhere
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-15475 | 2 Payhere, Wordpress | 2 Payment Gateway Plugin For Woocommerce, Wordpress | 2026-01-15 | 5.3 Medium |
| The PayHere Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to an improper validation logic in the check_payhere_response function in all versions up to, and including, 2.3.9. This makes it possible for unauthenticated attackers to change the status of pending WooCommerce orders to paid/completed/on hold. | ||||
| CVE-2023-6064 | 1 Payhere | 1 Payhere Payment Gateway | 2025-05-13 | 7.5 High |
| The PayHere Payment Gateway WordPress plugin before 2.2.12 automatically creates publicly-accessible log files containing sensitive information when transactions occur. | ||||
Page 1 of 1.