Lucene search
+L

9 matches found

Patchstack
Patchstack
added 2026/02/03 3:14 p.m.6 views

WordPress Gestpay for WooCommerce plugin <= 20221130 - Cross-Site Request Forgery (CSRF) via ajax_unset_default_card vulnerability

Cross-Site Request Forgery CSRF via ajaxunsetdefaultcard vulnerability discovered by Francesco Carlucci in WordPress Plugin Gestpay for WooCommerce versions = 20221130...

4.3CVSS5.3AI score0.00275EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/02/03 3:14 p.m.7 views

WordPress Gestpay for WooCommerce plugin <= 20221130 - Cross-Site Request Forgery (CSRF) via ajax_delete_card vulnerability

Cross-Site Request Forgery CSRF via ajaxdeletecard vulnerability discovered by Francesco Carlucci in WordPress Plugin Gestpay for WooCommerce versions = 20221130...

4.3CVSS5.3AI score0.00275EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/02/28 9:15 a.m.5 views

CVE-2024-0432

The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxdeletecard' function. This makes it possible for unauthenticated attackers to delete the...

4.3CVSS7.2AI score0.00275EPSS
Exploits0References2
OSV
OSV
added 2024/02/28 9:15 a.m.6 views

CVE-2024-0431

The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxsetdefaultcard' function. This makes it possible for unauthenticated attackers to set the...

4.3CVSS5.7AI score0.00295EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/28 8:33 a.m.14 views

CVE-2024-0431 Gestpay for WooCommerce <= 20221130 - Cross-Site Request Forgery (CSRF) via ajax_set_default_card

The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxsetdefaultcard' function. This makes it possible for unauthenticated attackers to set the...

4.3CVSS6.6AI score0.00295EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/28 8:33 a.m.14 views

CVE-2024-0432 Gestpay for WooCommerce <= 20221130 - Cross-Site Request Forgery (CSRF) via ajax_delete_card

The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxdeletecard' function. This makes it possible for unauthenticated attackers to delete the...

4.3CVSS6.6AI score0.00275EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.4 views

WordPress Plugin Gestpay for WooCommerce Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.6AI score0.00275EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.5 views

WordPress Plugin Gestpay for WooCommerce Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.6AI score0.00275EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.9 views

PT-2024-15557 · WordPress · Gestpay For Woocommerce

Name of the Vulnerable Software and Affected Versions: Gestpay for WooCommerce plugin for WordPress versions up to, and including, 20221130 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the ajax unset default card function. This...

4.3CVSS9.2AI score0.00275EPSS
Exploits0References7
Rows per page
Query Builder