CVE Catalog
CVE-2026-49064
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.25%
15th percentile — higher than 15% of all known CVEs
Summary
The Stiofan GetPaid vulnerability involves the insertion of sensitive information into sent data, allowing for the retrieval of that data later.
Risk Assessment
Organizations may be exposed to the disclosure of sensitive data, potentially leading to privacy breaches and loss of customer trust.
Recommendation
It is recommended to update to the latest version of GetPaid to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
Insertion of Sensitive Information Into Sent Data vulnerability in Stiofan GetPaid allows Retrieve Embedded Sensitive Data. This issue affects GetPaid: from n/a through 2.8.49.

