VYPR

Woocommerce Ean Payment Gateway

by Yanco

CVEs (2)

  • CVE-2026-1370MedFeb 4, 2026
    risk 0.32cvss 4.9epss 0.00

    The SIBS woocommerce payment gateway plugin for WordPress is vulnerable to time-based SQL Injection via the ‘referencedId’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on…

  • CVE-2023-4947MedOct 20, 2023
    risk 0.28cvss 4.3epss 0.00

    The WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the refresh_order_ean_data AJAX action in versions up to 6.1.0. This makes it possible for authenticated attackers with…