CVE-2024-0431 | Gestpay for WooCommerce Plugin up to 20221130 on WordPress ajax_set_default_card cross-site request forgery

Posted by Angelo Barbosa | Feb 26, 2024 | CVE

A vulnerability has been found in Gestpay for WooCommerce Plugin up to 20221130 on WordPress and classified as problematic. Affected by this vulnerability is the function ajax_set_default_card. The manipulation leads to cross-site request forgery.

This vulnerability is known as CVE-2024-0431. The attack can be launched remotely. There is no exploit available.

CVE-2024-0431 | Gestpay for WooCommerce Plugin up to 20221130 on WordPress ajax_set_default_card cross-site request forgery

Related Posts

CVE-2024-0352 | Likeshop up to 2.5.7.20210311 HTTP POST Request File.php userFormImage file unrestricted upload

CVE-2024-24822 | Pimcore admin-ui-classic-bundle up to 1.3.2 authorization

CVE-2024-23978 | KDDI Home Spot Cube2 up to 102 invalid heap-based overflow

CVE-2024-46453 | iq3xcite up to 3.05 /test/ cross site scripting