CVE-2024-0619
CVE-2024-0619 concerns the Payflex Payment Gateway WordPress plugin, where a missing capability check in payment_callback() in all versions up to and including 2.5.0 permits unauthenticated modification of order status. The NVD description notes unauthorized data modification could lead to revenu...