CVE Catalog

CVE-2026-34891

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.30%

22th percentile - higher than 22% of all known CVEs

Summary

The IDPay Payment Gateway for WooCommerce versions up to 2.2.5 has a vulnerability that allows unauthorized access to sensitive data.

Risk Assessment

Organizations may be exposed to the leakage of confidential information, potentially leading to financial fraud or loss of customer trust.

Recommendation

It is recommended to update the IDPay Payment Gateway to the latest version to mitigate this vulnerability.

Original NVD description (English source)

Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce <= 2.2.5 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS