CVE-2026-1305

{"id": "CVE-2026-1305", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-1305", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-27T15:39:13.780413Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "affected": [{"source": "security@wordfence.com", "affectedData": [{"vendor": "shoheitanaka", "product": "Japanized for WooCommerce", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.8.4"}], "defaultStatus": "unaffected"}]}], "published": "2026-02-27T10:16:21.863", "references": [{"url": "https://plugins.trac.wordpress.org/browser/woocommerce-for-japan/tags/2.8.2/includes/gateways/paidy/class-wc-paidy-endpoint.php#L108", "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/browser/woocommerce-for-japan/tags/2.8.2/includes/gateways/paidy/class-wc-paidy-endpoint.php#L63", "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/browser/woocommerce-for-japan/trunk/includes/gateways/paidy/class-wc-paidy-endpoint.php#L108", "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/browser/woocommerce-for-japan/trunk/includes/gateways/paidy/class-wc-paidy-endpoint.php#L63", "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/changeset/3464868/woocommerce-for-japan/trunk/includes/gateways/paidy/class-wc-paidy-endpoint.php", "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8cef4b2b-ae8d-4e18-b763-6960a0b944f7?source=cve", "source": "security@wordfence.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "The Japanized for WooCommerce plugin for WordPress is vulnerable to Improper Authentication in versions up to, and including, 2.8.4. This is due to a flawed permission check in the `paidy_webhook_permission_check` function that unconditionally returns `true` when the webhook signature header is omitted. This makes it possible for unauthenticated attackers to bypass payment verification and fraudulently mark orders as \"Processing\" or \"Completed\" without actual payment via a crafted POST request to the Paidy webhook endpoint."}, {"lang": "es", "value": "El plugin Japanized para WooCommerce para WordPress es vulnerable a una autenticaci\u00f3n incorrecta en versiones hasta la 2.8.4, inclusive. Esto se debe a una verificaci\u00f3n de permisos defectuosa en la funci\u00f3n `paidy_webhook_permission_check` que devuelve `true` incondicionalmente cuando se omite el encabezado de firma del webhook. Esto permite a atacantes no autenticados omitir la verificaci\u00f3n de pago y marcar fraudulentamente pedidos como 'En procesamiento' o 'Completado' sin pago real, mediante una solicitud POST manipulada al punto final del webhook de Paidy."}], "lastModified": "2026-06-17T10:15:29.193", "sourceIdentifier": "security@wordfence.com"}