4 matches found
WordPress WooCommerce Payments Plugin <= 6.6.2 is vulnerable to Insecure Direct Object References (IDOR)
Software WooCommerce Payments Type Plugin Vulnerable versions = 6.6.2 Fixed in 6.7.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-51503 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 37fceefefd1e Credits Rafie...
WordPress WooCommerce Payments Plugin <= 6.4.2 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce Payments Type Plugin Vulnerable versions = 6.4.2 Fixed in 6.5.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49828 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 702b702ee838 Credits Rafie Muhammad Patchstack Require...
WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to SQL Injection
Software WooCommerce Payments Type Plugin Vulnerable versions = 5.9.0 Fixed in 5.9.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-35915 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID fc4b292023c2 Credits Rafie Muhammad Patchstack Required privilege...
WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to Insecure Direct Object References (IDOR)
Software WooCommerce Payments Type Plugin Vulnerable versions = 5.9.0 Fixed in 5.9.1 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-35916 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID e4c9d390a631 Credits Rafie...