CVE-2025-15609
Fortis For WooCommerce < 1.3.1 - Sensitive API Key Disclosure
The Fortis for WooCommerce WordPress plugin before 1.3.1 may leak sensitive API keys to unauthenticated attackers, allowing them to query Fortis' API and retrieve sensitive customer information, like past orders, PII, etc.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
Unknown · Fortis for WooCommercepublic PoCs found — 1
cve_referencewpscan.com/vulnerability/220f72ea-e3b4-44c9-8c9b-15662aebb6cb/unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →