What the vulnerability does
01Description
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce <= 2.2.5 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
What the vulnerability does
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce <= 2.2.5 versions.
Explanation of Vulnerability in Simple Terms
The IDPay Payment Gateway for WooCommerce up to version 2.2.5 exposes sensitive payment data due to improper handling of information disclosure. An attacker on the network can read confidential payment details without authentication or user interaction. This affects all sites using the vulnerable plugin version.
What an attacker can do
Read sensitive payment information transmitted by the plugin without authentication.
Potential impact on your site
Customer payment data and transaction details may be exposed to unauthorized parties.
Conditions required to exploit
Network access to the site; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities