Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Update the WordPress Novalnet Payment Gateway for WooCommerce Plugin to the latest available version (at least 12.10.4).
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 06 Jul 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Novalnet
Novalnet novalnet Payment Gateway For Woocommerce Wordpress Wordpress wordpress |
|
| Vendors & Products |
Novalnet
Novalnet novalnet Payment Gateway For Woocommerce Wordpress Wordpress wordpress |
Thu, 02 Jul 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 02 Jul 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce <= 12.10.3 versions. | |
| Title | WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability | |
| Weaknesses | CWE-502 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-02T12:09:37.862Z
Reserved: 2026-06-25T08:03:42.566Z
Link: CVE-2026-57677
Updated: 2026-07-02T12:09:33.647Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-08T00:45:04Z