4 matches found
CVE-2025-30152
creationtimestamp| type| source ---|---|--- 2025-03-19 16:18:08+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8086 2025-03-19 18:43:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtncep242x 2025-03-19 18:49:16+00:00| seen| https://t.me/cvedetector/20...
CVE-2025-30152
The Syliud PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. Prior to 1.6.2, 1.7.2, and 2.0.2, a discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user initiates a PayPal...
CVE-2025-30152 Sylius PayPal Plugin has an Order Manipulation Vulnerability after PayPal Checkout
The Syliud PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. Prior to 1.6.2, 1.7.2, and 2.0.2, a discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user initiates a PayPal...
CVE-2025-30152
CVE-2025-30152 : The Sylius PayPal Plugin (for PayPal Commerce) has an order manipulation vulnerability after PayPal Checkout. Before versions 1.6.2, 1.7.2, and 2.0.2, a user can return to the order summary page and modify the cart contents, potentially causing the merchant to receive less paymen...