Duitku Payment Gateway
by Duitku
CVEs (1)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-0631 | Med | 0.34 | 5.3 | 0.00 | Mar 13, 2024 | The Duitku Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the check_duitku_response function in all versions up to, and including, 2.11.6. This makes it possible for unauthenticated attackers to change the payment status of orders to failed. |
- risk 0.34cvss 5.3epss 0.00
The Duitku Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the check_duitku_response function in all versions up to, and including, 2.11.6. This makes it possible for unauthenticated attackers to change the payment status of orders to failed.