Woocommerce Paypal Checkout Payment Gateway vulnerabilities
2 known vulnerabilities affecting woocommerce/paypal_checkout_payment_gateway.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2019-7441P3MEDIUMCVSS 6.5PoCv1.6.82019-03-21
CVE-2019-7441 [MEDIUM] CVE-2019-7441: cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPre
cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it is true that the amount can be manipulated in the PayPal payment flow. However, t
nvd
CVE-2019-14979P4MEDIUMCVSS 5.3v1.6.172019-08-29
CVE-2019-14979 [MEDIUM] CWE-20 CVE-2019-14979: cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPr
cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it is true that the amount can be manipulated in the PayPal payment flow.
nvd