Vulnerabilities and security researches forrobokassa robokassa

Jun 07, 2024

CVE, Research URL: 460912a86cae6b7eebf28bf2d66b27d6b124510f
Home page URL: Security reports for Robokassa payment gateway for Woocommerce
Application: Robokassa payment gateway for Woocommerce
Date: Apr 20, 2023
Research Description: Robokassa payment gateway for Woocommerce [robokassa] < 1.4.6 WordPress Robokassa payment gateway for Woocommerce Plugin <= 1.4.5 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Robokassa payment gateway for Woocommerce plugin to the latest available version (at least 1.4.6). An unknown person discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Robokassa payment gateway for Woocommerce Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.4.6.
Affected versions: max 1.4.6.
Status: vulnerable

Oct 03, 2024

CVE, Research URL: CVE-2024-47395
Home page URL: Security reports for Robokassa payment gateway for Woocommerce
Application: Robokassa payment gateway for Woocommerce
Date: Oct 05, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Robokassa Robokassa payment gateway for Woocommerce allows Reflected XSS.This issue affects Robokassa payment gateway for Woocommerce: from n/a through 1.6.1.
Affected versions: max 1.6.2.
Status: vulnerable

Nov 11, 2025

CVE, Research URL: CVE-2025-49958
Home page URL: Security reports for Robokassa payment gateway for Woocommerce
Application: Robokassa payment gateway for Woocommerce
Date: Oct 22, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robokassa Robokassa payment gateway for Woocommerce robokassa allows Reflected XSS.This issue affects Robokassa payment gateway for Woocommerce: from n/a through <= 1.8.1.
Affected versions: max 1.8.1.
Status: vulnerable