Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.19 views

CVE-2024-0431

The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxsetdefaultcard' function. This makes it possible for unauthenticated attackers to set the...

4.3CVSS6.4AI score0.00295EPSS
Exploits0References1
Circl
Circl
added 2024/03/14 9:51 a.m.6 views

CVE-2024-0431

creationtimestamp| type| source ---|---|--- 2024-03-14 09:51:08+00:00| seen| https://t.me/ctinow/207573 2025-04-22 16:03:29+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12886...

4.3CVSS6.4AI score0.00295EPSS
Exploits0References2
NVD
NVD
added 2024/02/28 9:15 a.m.25 views

CVE-2024-0431

The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxsetdefaultcard' function. This makes it possible for unauthenticated attackers to set the...

4.3CVSS4.2AI score0.00295EPSS
Exploits0References3
CVE
CVE
added 2024/02/28 8:33 a.m.115 views

CVE-2024-0431

CVE-2024-0431 — Gestpay for WooCommerce (WordPress) is a CSRF vulnerability in the ajax_set_default_card handler caused by missing/incorrect nonce validation. It allows unauthenticated attackers to set a user’s default card token via a forged request if a site admin is enticed to perform an actio...

4.3CVSS5.2AI score0.00295EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/02/26 12:0 a.m.15 views

WordPress Gestpay for WooCommerce Plugin <= 20221130 is vulnerable to Cross Site Request Forgery (CSRF)

Software Gestpay for WooCommerce Type Plugin Vulnerable versions = 20221130 Fixed in 20240307 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0431 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c805dc083a4d Credits...

4.3CVSS6.6AI score0.00295EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder