cleantalk
Vulnerabilities and Security Researches

Pays – WooCommerce Payment Gateway, CVE-2025-47648

CVE, Research URL

CVE-2025-47648

Home page URL

Security reports for Pays – WooCommerce Payment Gateway

Application

Pays – WooCommerce Payment Gateway

Published on
May 07, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in axima Pays – WooCommerce Payment Gateway allows Stored XSS. This issue affects Pays – WooCommerce Payment Gateway: from n/a through 2.6.
Affected versions
Min -, max 2.6.
Status
vulnerable
Previous vulnerability researches
Panda Pods Repeater Field (CVE-2022-4306) , Jun 06, 2024
Pods – Custom Content Types and Fields (CVE-2024-11849) , Jan 07, 2025
Pods – Custom Content Types and Fields (CVE-2025-1446) , May 08, 2025
Pods – Custom Content Types and Fields (CVE-2014-7956) , Jun 07, 2024
Pods – Custom Content Types and Fields (CVE-2023-6999) , Jun 07, 2024
New vulnerability
Top 10 – WordPress Popular posts by WebberZone (CVE-2025-47509) , May 09, 2025
Easy Replace Image (CVE-2025-47483) , May 09, 2025
Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress (CVE-2025-47520) , May 09, 2025
GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress (CVE-2025-47508) , May 09, 2025
Simple calendar for Elementor (CVE-2025-47542) , May 09, 2025