2026-02-04 08:25:26
Wordfence
PUBLISHED
The Chapa Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 via chapa_proceed WooCommerce API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including the merchants Chapa secret API key.