CVE-2026-3208 - Mercado Pago payments for WooCommerce <= 8.7.11 - Missing Authorization to Unauthenticated PIX Payment QR Code Image Disclosure
CVE ID :CVE-2026-3208 Published : May 6, 2026, 3:27 a.m. | 1 hour ago Description :The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mp_pix_image' WooCommerce API endpoint in all versions up to,
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
- [CYBER] Risky Business #836 -- You can't patch the bugpocalypse
- [CYBER] Ransomware Gangs Escalate Attacks on Aviation and Aerospace Sector
- [CYBER] New dashboard tracks ransomware groups by their reliance on Infostealer credentials
- [CYBER] Critical Palo Alto Firewall Vulnerability Enables Attackers to Gain Root Privileges
- [CYBER] Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls