CVE-2025-11728 | Oceanpayment CreditCard Gateway Plugin up to 6.0 on WordPress Order Status Update return_payment missing authentication

A vulnerability, which was classified as critical, has been found in Oceanpayment CreditCard Gateway Plugin up to 6.0 on WordPress. This affects the function return_payment of the component Order Status Update Handler. This manipulation causes missing authentication.

This vulnerability is tracked as CVE-2025-11728. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More