Filtered by vendor Revolut Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-8678 1 Revolut 2 Revolut Gateway, Revolut Gateway For Woocommerce 2024-10-02 5.3 Medium
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wc/v3/revolut REST API endpoint in all versions up to, and including, 4.17.3. This makes it possible for unauthenticated attackers to mark orders as completed.