← Back

Paymaster For Woocommerce

paymaster_for_woocommerce

Vendor: Qazomardok • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-6729
1Qazomardok
1Paymaster For Woocommerce
Jul 9, 2025
Jul 4, 2025
N/A· v4
6.4 MEDIUM· v3
N/A· v2
The PayMaster for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.4.31 via the 'wp_ajax_paym_status' AJAX action This makes it possible for authentica...Show more
The PayMaster for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.4.31 via the 'wp_ajax_paym_status' AJAX action This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.Show less