cleantalk
Vulnerabilities and Security Researches

WooCommerce Eway Gateway, 25c033c851a6b18ed72fdc96796538b28f1b80c8

CVE, Research URL

25c033c851a6b18ed72fdc96796538b28f1b80c8

Home page URL

Security reports for WooCommerce Eway Gateway

Application

WooCommerce Eway Gateway

Published on
Jan 05, 2023
Research Description
Eway Payments for Woo [woocommerce-gateway-eway] < 3.5.1 WordPress WooCommerce Eway Gateway Plugin <= 3.5.0 is vulnerable to Insecure Direct Object References (IDOR) Update the WordPress WooCommerce Eway Gateway plugin to the latest available version (at least 3.5.1). WordfenceTeam discovered and reported this Insecure Direct Object References (IDOR) vulnerability in WordPress WooCommerce Eway Gateway Plugin. An insecure direct object reference vulnerability could allow a malicious actor to bypass authorization, authentication, access sensitive files/folders or interact with the database. This vulnerability has been fixed in version 3.5.1.
Affected versions
max 3.5.1.
Status
vulnerable
Previous vulnerability researches
WooCommerce Eway Gateway (25c033c851a6b18ed72fdc96796538b28f1b80c8) , Jun 16, 2026
WooCommerce Eway Gateway (7c85d88d9dc2379ea67793743b81c512dfec2ccf) , Jun 07, 2024
New vulnerability
Companion Auto Update (7cd2d4dc-1f88-40bb-b32c-c047aeaa7996) , Jun 16, 2026
Companion Auto Update (4ed0f911f8fcd2b401511da7c4879e693fff1d89) , Jun 16, 2026
WordPress Translation plugin for Post, Pages &amp; WooCommerce products. Tranzly IO AI DeepL automatic WordPress Translator. (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
WordPress Translation plugin for Post, Pages &amp; WooCommerce products. Tranzly IO AI DeepL automatic WordPress Translator. (0b128c2a9f79294ec38736ed95077005e1cdb5a2) , Jun 16, 2026
Cloudflare (1674fd5d30f242cd9c1196dcd4154e705baacb9c) , Jun 16, 2026