3 matches found
CVE-2019-14979
cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter such as amount1, as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it is true that the...
CVE-2019-14979
cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter such as amount1, as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it is true that the...
CVE-2019-14979
The CVE-2019-14979 entry concerns the WooCommerce PayPal Checkout Payment Gateway plugin for WordPress (version 1.6.17). The vulnerability is described as parameter tampering in the PayPal flow via the cgi-bin/webscr?cmd=_cart endpoint, where the amount parameter (e.g., amount_1) can be manipulat...