Lucene search
K

4 matches found

NVD
NVD
added 2021/09/29 8:15 p.m.17 views

CVE-2021-39342

The CredovaFinancial WordPress plugin discloses a site's associated Credova API account username and password in plaintext via an AJAX action whenever a site user goes to checkout on a page that has the Credova Financing option enabled. This affects versions up to, and including, 1.4.8...

7.5CVSS0.00742EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/09/29 7:39 p.m.19 views

CVE-2021-39342 Credova_Financial <= 1.4.8 Sensitive Information Disclosure

The CredovaFinancial WordPress plugin discloses a site's associated Credova API account username and password in plaintext via an AJAX action whenever a site user goes to checkout on a page that has the Credova Financing option enabled. This affects versions up to, and including, 1.4.8...

5.3CVSS7.7AI score0.00742EPSS
Exploits0References2
CVE
CVE
added 2021/09/29 7:39 p.m.45 views

CVE-2021-39342

The CVE-2021-39342 entry corresponds to the WordPress Credova_Financial plugin (versions up to and including 1.4.8) exposing the site’s Credova API account username and password in plaintext via an AJAX action during checkout when the Credova Financing option is enabled. Affected component is the...

7.5CVSS6.2AI score0.00742EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2021/09/29 12:0 a.m.14 views

WordPress Credova_Financial plugin <= 1.4.8 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered by Marvin Santos in WordPress CredovaFinancial plugin versions = 1.4.8. Solution Update the WordPress CredovaFinancial plugin to the latest available version at least 1.4.9...

7.5CVSS2.6AI score0.00742EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder