4 matches found
CVE-2024-0610
The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'MerchantReference' parameter in all versions up to, and including, 1.6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
CVE-2024-0610
The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'MerchantReference' parameter in all versions up to, and including, 1.6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
Sql injection
The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'MerchantReference' parameter in all versions up to, and including, 1.6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
PT-2024-15687 · WordPress · Piraeus Bank Woocommerce Payment Gateway
Name of the Vulnerable Software and Affected Versions: Piraeus Bank WooCommerce Payment Gateway plugin for WordPress versions up to, and including, 1.6.5.1 Description: The issue is related to a time-based blind SQL Injection vulnerability via the MerchantReference parameter. This vulnerability i...