3 matches found
CVE-2024-2382 Authorize.net Payment Gateway For WooCommerce <= 8.0 - Insufficient Verification of Data Authenticity to Unauthenticated Payment Bypass
The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...
CVE-2024-2382
CVE-2024-2382 affects the Authorize.net Payment Gateway For WooCommerce plugin for WordPress. The root cause is that the plugin does not properly verify the authenticity of the request that updates an order’s payment status, enabling an unauthenticated attacker to set the status to paid and bypas...
CVE-2024-2382 Authorize.net Payment Gateway For WooCommerce <= 8.0 - Insufficient Verification of Data Authenticity to Unauthenticated Payment Bypass
The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...