CVE-2024-30527

WordPress WP Express Checkout plugin <= 2.3.7 - Price Manipulation vulnerability

CVSS 7.5 HIGHEPSS 0.5%CWE-1284

Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express Checkout (Accept PayPal Payments) allows Manipulating Hidden Fields.This issue affects WP Express Checkout (Accept PayPal Payments): from n/a through 2.3.7.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Produtos afetados

Tips and Tricks HQ · WP Express Checkout (Accept PayPal Payments)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://patchstack.com/database/vulnerability/wp-express-checkout/wordpress-wp-express-checkout-plugin-2-3-7-price-manipulation-vulnerability?_s_id=cve