Medium severity5.3NVD Advisory· Published Mar 13, 2024· Updated Jun 17, 2026
CVE-2024-0631
CVE-2024-0631
Description
The Duitku Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the check_duitku_response function in all versions up to, and including, 2.11.6. This makes it possible for unauthenticated attackers to change the payment status of orders to failed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:duitku:duitku_payment_gateway:*:*:*:*:*:wordpress:*:*Range: <=2.11.4
- Range: <=2.11.6
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.