SQL Injection Vulnerability in Trust Payments Gateway for WooCommerce
CVE-2025-28942

9.3CRITICAL

Key Information:

Vendor: Trust Payments
Status: Trust Payments Gateway For WooCommerce
Vendor: CVE Published:; 26 March 2025

🔔 Create Trust Payments Vulnerability Alert

What is CVE-2025-28942?

A vulnerability exists in the Trust Payments Gateway for WooCommerce due to improper neutralization of special elements in an SQL command, which allows for SQL Injection attacks. This weakness can lead to unauthorized access to the database, manipulation of data, or the execution of malicious queries. The vulnerability impacts versions of the Trust Payments Gateway for WooCommerce from n/a up to 1.1.4, highlighting the necessity for users to upgrade and apply patches to secure their applications from potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Trust Payments Gateway for WooCommerce <= 1.1.4

References

https://patchstack.com/database/wordpress/plugin/trust-pa...

vdb-entry

CVSS V3.1

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 26, 2025
Vulnerability Reserved
Mar 11, 2025

Credit

Aiden (Thái An) (Patchstack Alliance)

JSON

Trust Payments

What is CVE-2025-28942?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.