3 matches found
CVE-2024-0626
The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callbackhandler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark orders as paid...
WordPress Plugin WooCommerce Clover Payment Gateway 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...
WordPress WooCommerce Clover Payment Gateway Plugin <= 1.3.1 is vulnerable to Broken Access Control
Software WooCommerce Clover Payment Gateway Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0626 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 06c0aefba99a Credits Francesco...