WooCommerce Placetopay Gateway <= 3.2.2 - Reflected Cross-Site Scripting via 'redirect-url'
Summary
| CVE | CVE-2026-11324 |
|---|---|
| State | PUBLISHED |
| Assigner | Wordfence |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-17 04:16:50 UTC |
| Updated | 2026-07-17 04:16:50 UTC |
| Description | The WooCommerce Placetopay Gateway and PlacetoPay/AvalPay gateway plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the 'redirect-url' parameter in versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. |
Risk And Classification
Primary CVSS: v3.1 6.1 MEDIUM from [email protected]
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Problem Types: CWE-79 | CWE-79 CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| 3.1 | CNA | DECLARED | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
RequiredScope
ChangedConfidentiality
LowIntegrity
LowAvailability
NoneCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Evertec | WooCommerce Placetopay Gateway Belice | affected 3.2.2 semver | Not specified |
| CNA | Evertec | WooCommerce Placetopay Gateway Ecuador | affected 3.2.2 semver | Not specified |
| CNA | Evertec | WooCommerce Placetopay Gateway Colombia | affected 3.2.2 semver | Not specified |
| CNA | Evertec | WooCommerce Placetopay Gateway Uruguay | affected 3.2.2 semver | Not specified |
| CNA | Evertec | WooCommerce Placetopay Gateway | affected 3.2.2 semver | Not specified |
| CNA | Evertec | WooCommerce Placetopay Gateway Honduras | affected 3.2.2 semver | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.wordfence.com/threat-intel/vulnerabilities/id/8ca87868-357b-4d71-9bf9-cd3b1... | [email protected] | www.wordfence.com | |
| github.com/placetopay/woocommerce-gateway-placetopay/releases/tag/3.2.2 | [email protected] | github.com | |
| evertecinc.com/en/solution/placetopay | [email protected] | evertecinc.com | |
| github.com/placetopay/woocommerce-gateway-placetopay/blob/3.2.2/src/Gate... | [email protected] | github.com | |
| github.com/placetopay/woocommerce-gateway-placetopay/blob/3.2.2/src/Gate... | [email protected] | github.com | |
| github.com/placetopay/woocommerce-gateway-placetopay/blob/3.2.2/src/Gate... | [email protected] | github.com | |
| github.com/placetopay/woocommerce-gateway-placetopay/blob/3.2.2/src/Gate... | [email protected] | github.com | |
| banco.santander.cl/uploads/000/049/181/1705c2cf-fc73-4fc4-a29d-f56f3ea88103/orig... | [email protected] | banco.santander.cl | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Joshua Provoste (en)
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2026-07-16T13:36:44.000Z | Disclosed |
There are currently no legacy QID mappings associated with this CVE.