3 matches found
CVE-2023-5132
The Soisy Pagamento Rateale plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the parseRemoteRequest function in versions up to, and including, 6.0.1. This makes it possible for unauthenticated attackers with knowledge of an existing WooCommerc...
CVE-2023-5132
CVE-2023-5132 affects the Soisy Pagamento Rateale WordPress plugin (≤ 6.0.1). The vulnerability arises from a missing capability check in parseRemoteRequest, allowing unauthenticated attackers who know an existing WooCommerce Order ID to access sensitive order data (e.g., name, address, email, an...
WordPress Soisy Pagamento Rateale Plugin <= 6.0.1 is vulnerable to Broken Access Control
Software Soisy Pagamento Rateale Type Plugin Vulnerable versions = 6.0.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5132 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID ea685dad7b8e Credits Francesco Carlucci...