← back
CVE-2024-38747

WordPress HitPay Payment Gateway for WooCommerce plugin <= 4.1.3 - Sensitive Data Exposure via Log File vulnerability

CVSS 7.5 HIGHEPSS 0.4%CWE-200
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment Solutions Pte Ltd HitPay Payment Gateway for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects HitPay Payment Gateway for WooCommerce: from n/a through 4.1.3.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
HitPay Payment Solutions Pte Ltd · HitPay Payment Gateway for WooCommerce

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/vulnerability/hitpay-payment-gateway/wordpress-hitpay-payment-gateway-for-woocommerce-plugin-4-1-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve