Supun Halangoda

**Name of the Vulnerable Software and Affected Versions** PayHere Payment Gateway WordPress plugin versions prior to 2.2.12 **Description** The issue arises from the automatic creation of publicly-accessible log files containing sensitive information when transactions occur. This affects the PayHere Payment Gateway WordPress plugin. **Recommendations** For versions prior to 2.2.12, update to version 2.2.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the log files until a patch is applied.