3 matches found
CVE-2023-3525
The Getnet Argentina para Woocommerce plugin for WordPress is vulnerable to authorization bypass due to missing validation on the 'webhook' function in versions up to, and including, 0.0.4. This makes it possible for unauthenticated attackers to set their payment status to 'APPROVED' without...
CVE-2023-3525
CVE-2023-3525 affects the WordPress plugin Getnet Argentina para Woocommerce. The issue is authorization bypass caused by missing validation in the webhook function, allowing unauthenticated attackers to set a payment status to APPROVED without payment in versions up to and including 0.0.4. The v...
WordPress Getnet Argentina para Woocommerce Plugin 0.0.1-0.0.4 is vulnerable to Broken Access Control
Software Getnet Argentina para Woocommerce Type Plugin Vulnerable versions 0.0.1-0.0.4 Fixed in 0.0.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-3525 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 026805019331 Credits Kijam...