What the vulnerability does
01Description
Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through <= 2.8.2.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
What the vulnerability does
Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through <= 2.8.2.
Explanation of Vulnerability in Simple Terms
WP SmartPay versions 2.8.2 and earlier contain an integrity vulnerability that allows unauthenticated attackers to modify data over the network without user interaction. The vulnerability has a CVSS score of 7.5 (high severity). No confidentiality or availability impact is present. Site administrators should update to a version newer than 2.8.2 when available.
What an attacker can do
Modify site data without authentication or user interaction.
Potential impact on your site
Attackers can alter plugin data, settings, or transactions without logging in.
Conditions required to exploit
Network access only; no authentication or user action required.
Key dates
External resources
Related vulnerabilities