High severity7.5NVD Advisory· Published Aug 26, 2020· Updated Jun 17, 2026
CVE-2020-11497
CVE-2020-11497
Description
An issue was discovered in the NAB Transact extension 2.1.0 for the WooCommerce plugin for WordPress. An online payment system bypass allows orders to be marked as fully paid by assigning an arbitrary bank transaction ID during the payment-details entry step.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WooCommercedescription
- Range: =2.1.0
Patches
Vulnerability mechanics
References
3- seclists.org/fulldisclosure/2020/Aug/13nvdExploitMailing ListThird Party Advisory
- www.themissinglink.com.au/security-advisories-cve-2020-11497nvdExploitThird Party Advisory
- packetstormsecurity.com/files/158931/WordPress-NAB-Transact-WooCommerce-2.1.0-Payment-Bypass.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.