1 results (0.003 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Missing Authorization vulnerability in Revolut Revolut Gateway for WooCommerce.This issue affects Revolut Gateway for WooCommerce: from n/a through 4.9.7. Vulnerabilidad de autorización faltante en Revolut Revolut Gateway para WooCommerce. Este problema afecta a Revolut Gateway para WooCommerce: desde n/a hasta 4.9.7. The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the wc_revolut_clear_records and wc_revolut_onboard_applepay_domain functions in versions up to, and including, 4.9.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to clear records and trigger applepay onboarding. • https://patchstack.com/database/vulnerability/revolut-gateway-for-woocommerce/wordpress-revolut-gateway-for-woocommerce-plugin-4-9-5-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •