Home > cve-2019-14979
cve-2019-14979-vikas-chaudhary

PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter as demonstrated by purchasing an item for lower than the intended price-CVE-2019-14979

# Exploit Title: cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price # Date: 09.08.2019 # Product Title :Woocommerce Paypal Checkout gateway Plugin # Vendor Homepage: https://wordpress.org # Software Link : https://wordpress.org/plugins/woocommerce-gateway-paypal-express-checkout/ # Category: Web Applications Plugin (Wordpress) # Version: 1.6.17 # Active installations: 700,000+ # Exploit Author: Vikas Chaudhary # Contact:

Read More