Filtered by vendor Linknacional
Subscriptions
Filtered by product Rede Itau For Woocommerce
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0942 | 3 Linknacional, Woocommerce, Wordpress | 3 Rede Itau For Woocommerce, Woocommerce, Wordpress | 2026-01-16 | 5.3 Medium |
| The Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clearOrderLogs() function in all versions up to, and including, 5.1.2. This makes it possible for unauthenticated attackers to delete the Rede Order Logs metadata from all WooCommerce orders. | ||||
| CVE-2026-0939 | 3 Linknacional, Woocommerce, Wordpress | 3 Rede Itau For Woocommerce, Woocommerce, Wordpress | 2026-01-16 | 5.3 Medium |
| The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possible for unauthenticated attackers to manipulate WooCommerce order statuses, either marking unpaid orders as paid, or failed. | ||||
Page 1 of 1.