PatchSiren

Stiofan CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Stiofan CVE published 2026-06-15

CVE-2026-49064

CVE-2026-49064 is a HIGH severity vulnerability in the GetPaid plugin for WordPress, with a CVSS score of 7.5. The vulnerability is caused by an Insertion of Sensitive Information Into Sent Data issue, which allows attackers to retrieve embedded sensitive data. This issue affects GetPaid versions from n/a through 2.8.49.