What the vulnerability does
01Description
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through 7.1.9.7.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through 7.1.9.7.
Explanation of Vulnerability in Simple Terms
Checkout Mestres WP versions up to 7.1.9.7 contain an authentication bypass vulnerability. An attacker can gain unauthorized access to the plugin without valid credentials, potentially compromising sensitive checkout data and site functionality. No user interaction or special privileges are required to exploit this flaw.
What an attacker can do
Bypass authentication and gain unauthorized access to the plugin without valid credentials.
Potential impact on your site
Attackers can access sensitive checkout data, modify transactions, or disrupt payment processing without logging in.
Conditions required to exploit
Network access only; no authentication, special privileges, or user interaction required.
Key dates
External resources
Related vulnerabilities