CVE-2026-1305 | shohei.tanaka Japanized for WooCommerce Plugin up to 2.8.4 on WordPress Paidy Webhook Endpoint paidy_webhook_permission_check authorization

Inserito da Angelo Barbosa | Feb 27, 2026 | CVE

A vulnerability labeled as problematic has been found in shohei.tanaka Japanized for WooCommerce Plugin up to 2.8.4 on WordPress. This impacts the function paidy_webhook_permission_check of the component Paidy Webhook Endpoint. Executing a manipulation can lead to missing authorization.

This vulnerability appears as CVE-2026-1305. The attack may be performed from remote. There is no available exploit.

CVE-2026-1305 | shohei.tanaka Japanized for WooCommerce Plugin up to 2.8.4 on WordPress Paidy Webhook Endpoint paidy_webhook_permission_check authorization

Post correlati

CVE-2024-21843 | Intel Computing Improvement Program Software prior 2.4.0.10654 uncontrolled search path (intel-sa-01059)

CVE-2025-10759 | Webkul QloApps up to 1.7.0 CSRF Token token authorization

CVE-2024-5754 | zephyrproject-rtos Zephyr up to 3.6 BT cryptographic issues (GHSA-gvv5-66hw-5qrc)

CVE-2024-30883 | RageFrame2 2.6.43 aspectRatio cross site scripting (Issue 114)