2 matches found
CVE-2025-14461
The Xendit Payment plugin for WordPress is vulnerable to unauthorized order status manipulation in all versions up to, and including, 6.0.2. This is due to the plugin exposing a publicly accessible WooCommerce API callback endpoint wcxenditcallback that processes payment callbacks without any...
The vulnerability of MasterCard Tokenisation Service (MDES) and Visa Tokenisation Service (VTS) lies in the possibility of arbitrary modification of the “Amount” field in the Authorization Request ISO 8583 packet. This allows attackers to use cryptographic algorithms to carry out fraudulent transactions.
The vulnerability of MasterCard Tokenisation Service MDES and Visa Tokenisation Service VTS lies in the possibility of arbitrary modification of the “Amount” field in the Authorisation Request ISO 8583 packet. Exploiting this vulnerability could allow attackers to use cryptographic keys to carry...