CVE-2023-49853 – WordPress PayTR Taksit Tablosu Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-49853
07 Dec 2023 — Cross-Site Request Forgery (CSRF) vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu – WooCommerce. This issue affects PayTR Taksit Tablosu – WooCommerce: from n/a through 1.3.1. • https://patchstack.com/database/vulnerability/paytr-taksit-tablosu-woocommerce/wordpress-paytr-taksit-tablosu-woocommerce-plugin-1-3-1-broken-authentication-vulnerability?_s_id=cve • CWE-285: Improper Authorization, CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2023-47847 – WordPress PayTR Taksit Tablosu plugin <= 1.3.1 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-47847
20 Nov 2023 — Missing Authorization vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PayTR Taksit Tablosu: from n/a through 1.3.1. The PayTR Taksit Tablosu plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the paytr_installment_tab_content_ajax function in versions up to, and including, 1.3.1. This makes it possible for unauthenticated att... • https://patchstack.com/database/wordpress/plugin/paytr-taksit-tablosu-woocommerce/vulnerability/wordpress-paytr-taksit-tablosu-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization