Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:31 a.m.10 views

CVE-2023-2733

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on the user being supplied during the coupon redemption REST API request through the plugin. This makes it possible for unauthenticated...

9.8CVSS7.1AI score0.01256EPSS
Exploits0References1
NVD
NVD
added 2023/05/25 3:15 a.m.17 views

CVE-2023-2733

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on the user being supplied during the coupon redemption REST API request through the plugin. This makes it possible for unauthenticated...

9.8CVSS9.7AI score0.01256EPSS
Exploits0References3
OSV
OSV
added 2023/05/25 3:15 a.m.5 views

CVE-2023-2733

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on the user being supplied during the coupon redemption REST API request through the plugin. This makes it possible for unauthenticated...

9.8CVSS7.3AI score0.01256EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/05/25 3:15 a.m.3 views

CVE-2023-2733

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on the user being supplied during the coupon redemption REST API request through the plugin. This makes it possible for unauthenticated...

9.8CVSS7.2AI score0.01256EPSS
Exploits0References4
Prion
Prion
added 2023/05/25 3:15 a.m.27 views

Authentication flaw

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on the user being supplied during the coupon redemption REST API request through the plugin. This makes it possible for unauthenticated...

7.5CVSS9.5AI score0.01256EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/05/25 2:5 a.m.22 views

CVE-2023-2733 MStore API <= 3.9.0 - Authentication Bypass

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on the user being supplied during the coupon redemption REST API request through the plugin. This makes it possible for unauthenticated...

9.8CVSS9.8AI score0.01256EPSS
Exploits0References3
Hacker One
Hacker One
added 2016/08/09 10:12 p.m.34 views

Instacart: Race Condition in Redeeming Coupons

Hello, There exists a race condition in redeeming coupons, allowing a user to redeem the same coupon multiple times, and stacking savings added. This allows for a user to get virtually any discount. POC: 1. Visit your account and select 'Promo Codes'. 2. Select redeem promo code, and add any prom...

1.1AI score
Exploits0
Rows per page
Query Builder