GCVE - cpe:2.3:a:woocommerce:nab_transact:2.1.0:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:woocommerce:nab_transact:2.1.0:*:*:*:*:wordpress:*:*

part: a version: 2.1.0 update: *

Vendor	Woocommerce (`c7b0e075-8e70-51f0-86a8-e45639512f20`)
Product	Nab Transact (`3d745fa2-4bb1-5e6e-a8eb-89df89267a6b`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-11497`	vulnerable	2026-06-03 14:41:26.183074	Details available An issue was discovered in the NAB Transact extension 2.1.0 for the WooCommerce plugin for WordPress. An online payment system bypass allows orders to be marked as fully paid by assigning an arbitrary bank transaction ID during the payment-details entry step. Published: 2020-08-26T18:25:23.000Z Updated: 2024-08-04T11:35:12.449Z Open on db.gcve.eu Reference links https://www.themissinglink.com.au/security-advisories-cve-2020-11497 http://seclists.org/fulldisclosure/2020/Aug/13 http://seclists.org/fulldisclosure/2020/Aug/13 http://packetstormsecurity.com/files/158931/WordPress-NAB-Transact-WooCommerce-2.1.0-Payment-Bypass.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.