What the vulnerability does
01Description
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
What the vulnerability does
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions.
Explanation of Vulnerability in Simple Terms
The Best Payments Plugin for WP versions up to 4.6.19 contain an integrity vulnerability that allows attackers to modify data without authentication. The attack requires specific network conditions and cannot be exploited remotely under normal circumstances. Site administrators should update to a version newer than 4.6.19 to resolve this issue.
What an attacker can do
Modify payment or plugin data without authentication.
Potential impact on your site
Payment records or plugin settings could be altered by an attacker without your knowledge or consent.
Conditions required to exploit
Network access and specific attack conditions; no authentication required.
Key dates
External resources
Related vulnerabilities