1 results (0.006 seconds)

CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 1

The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. El plugin GloBee, en versiones anteriores a la 1.1.2 para WooCommerce, gestiona de manera incorrecta los mensajes IPN. WordPress WooCommerce plugin with GloBee cryptocurrency payment gateway versions 1.1.1 and below suffer from payment bypass and unauthorized order status spoofing vulnerabilities. • https://www.exploit-db.com/exploits/46414 https://github.com/GloBee-Official/woocommerce-payment-api-plugin/issues/3 https://github.com/GloBee-Official/woocommerce-payment-api-plugin/pull/2 • CWE-20: Improper Input Validation •