Home > cve-2019-14978
cve-2019-14978-vikas-chaudhary

WooCommerce PayU India Payment Gateway plugin 2.1.1 for WordPress allows Parameter Tampering in an amount parameter-CVE-2019-14978

# Exploit Title: /payu/icpcheckout/ in the WooCommerce PayU India Payment Gateway Plugin 2.1.1 for WordPress allows Parameter Tampering in purchaseQuantity=1 parameter , as demonstrated by purchasing an item for lower than the intended price # Date: 10.08.2019 # Product Title : WooCommerce PayU India (PayUmoney – PayUbiz) # Vendor Homepage: https://wordpress.org # Software Link : https://wordpress.org/plugins/woocommerce-payu-paisa/ # Category: Web Applications Plugin (Wordpress) # Version: 2.1.1 # Active installations: 10,000+ # Exploit Author: Vikas

Read More