Refine your search
1 vulnerability found for Envíos Coordinadora Woocommerce by Coordinadora Mercantil S.A.
CVE-2025-57922 (GCVE-0-2025-57922)
Vulnerability from cvelistv5
Published
2025-09-22 18:25
Modified
2026-04-28 16:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-201 - Insertion of Sensitive Information Into Sent Data
Summary
Insertion of Sensitive Information Into Sent Data vulnerability in Coordinadora Mercantil S.A. Envíos Coordinadora Woocommerce coordinadora allows Retrieve Embedded Sensitive Data.This issue affects Envíos Coordinadora Woocommerce: from n/a through <= 1.1.32.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Coordinadora Mercantil S.A. | Envíos Coordinadora Woocommerce |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57922",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T14:09:17.473152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T14:10:27.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "coordinadora",
"product": "Env\u00edos Coordinadora Woocommerce",
"vendor": "Coordinadora Mercantil S.A.",
"versions": [
{
"lessThanOrEqual": "1.1.32",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nabil Irawan | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:42:43.333Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insertion of Sensitive Information Into Sent Data vulnerability in Coordinadora Mercantil S.A. Env\u00edos Coordinadora Woocommerce coordinadora allows Retrieve Embedded Sensitive Data.\u003cp\u003eThis issue affects Env\u00edos Coordinadora Woocommerce: from n/a through \u003c= 1.1.32.\u003c/p\u003e"
}
],
"value": "Insertion of Sensitive Information Into Sent Data vulnerability in Coordinadora Mercantil S.A. Env\u00edos Coordinadora Woocommerce coordinadora allows Retrieve Embedded Sensitive Data.This issue affects Env\u00edos Coordinadora Woocommerce: from n/a through \u003c= 1.1.32."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "Insertion of Sensitive Information Into Sent Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:13:38.489Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/coordinadora/vulnerability/wordpress-envios-coordinadora-woocommerce-plugin-1-1-31-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"title": "WordPress Env\u00edos Coordinadora Woocommerce plugin \u003c= 1.1.32 - Sensitive Data Exposure vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-57922",
"datePublished": "2025-09-22T18:25:11.627Z",
"dateReserved": "2025-08-22T11:36:12.721Z",
"dateUpdated": "2026-04-28T16:13:38.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}