GlobalPayments WooCommerce allows hackers to access unauthorized servers

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

GlobalPayments WooCommerce allows hackers to access unauthorized servers

CVE-2026-39645

Summary

A security flaw in GlobalPayments WooCommerce allows hackers to trick the system into making unauthorized requests to external servers. This could lead to sensitive data being exposed or malicious actions being taken. To protect your business, update to the latest version of GlobalPayments WooCommerce.

Original title

Server-Side Request Forgery (SSRF) vulnerability in Global Payments GlobalPayments WooCommerce global-payments-woocommerce allows Server Side Request Forgery.This issue affects GlobalPayments WooCo...

Original description

Vulnerability type

CWE-918 Server-Side Request Forgery (SSRF)

https://patchstack.com/database/Wordpress/Plugin/global-payments-woocommerce/vul...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026