Payment EX Ver1.1.5b and earlier allows a remote unauthenticated attacker to obtain the information of the user who purchases merchandise using Payment EX.
[
{
"vendor": "Simplesite",
"product": "Payment EX",
"versions": [
{
"version": "Ver1.1.5b and earlier",
"status": "affected"
}
]
}
]