Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Update the WordPress Novalnet Payment Gateway for WooCommerce Plugin to the latest available version (at least 12.10.4).
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 02 Jul 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 02 Jul 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce <= 12.10.3 versions. | |
| Title | WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability | |
| Weaknesses | CWE-502 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-02T12:09:37.862Z
Reserved: 2026-06-25T08:03:42.566Z
Link: CVE-2026-57677
Updated: 2026-07-02T12:09:33.647Z
No data.
No data.
OpenCVE Enrichment
No data.