3 matches found
CVE-2024-8678
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wc/v3/revolut REST API endpoint in all versions up to, and including, 4.17.3. This makes it possible for unauthenticated attackers to mark orders a...
CVE-2024-8678 Revolut Gateway for WooCommerce <= 4.17.3 - Missing Authorization to Unauthenticated Order Status Update
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wc/v3/revolut REST API endpoint in all versions up to, and including, 4.17.3. This makes it possible for unauthenticated attackers to mark orders a...
WordPress Revolut Gateway for WooCommerce Plugin <= 4.17.3 is vulnerable to Broken Access Control
Software Revolut Gateway for WooCommerce Type Plugin Vulnerable versions = 4.17.3 Fixed in 4.17.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8678 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID bd0a5653f5e8 Credits WordFence...