Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU PayU India allows Authentication Abuse.This issue affects PayU India: from n/a before 3.8.8.
History

Tue, 08 Jul 2025 19:30:00 +0000

Type Values Removed Values Added
Description Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India allows Authentication Abuse. This issue affects PayU India: from n/a through 3.8.5. Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU PayU India allows Authentication Abuse.This issue affects PayU India: from n/a before 3.8.8.
Title WordPress PayU India plugin <= 3.8.5 - Account Takeover vulnerability WordPress PayU India plugin < 3.8.8 - Account Takeover vulnerability

Tue, 10 Jun 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 09 Jun 2025 16:15:00 +0000

Type Values Removed Values Added
Description Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India allows Authentication Abuse. This issue affects PayU India: from n/a through 3.8.5.
Title WordPress PayU India plugin <= 3.8.5 - Account Takeover vulnerability
Weaknesses CWE-288
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2025-06-09T15:56:48.504Z

Updated: 2025-07-08T19:15:49.090Z

Reserved: 2025-03-26T09:23:06.940Z

Link: CVE-2025-31022

cve-icon Vulnrichment

Updated: 2025-06-10T13:45:13.515Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-06-09T16:15:36.610

Modified: 2025-07-08T20:15:25.710

Link: CVE-2025-31022

cve-icon Redhat

No data.