CVE-2023-37871

CVSS V2 None CVSS V3 None
Description
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This issue affects GoCardless: from n/a through 2.5.6.
Overview
  • CVE ID
  • CVE-2023-37871
  • Assigner
  • Patchstack
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-12-20T13:57:10.560Z
  • Last Modified Date
  • 2023-12-20T13:57:10.560Z
Weakness Enumerations
CWE URL
CWE-639 http://cwe.mitre.org/data/definitions/639.html
References
Reference URL Reference Tags
https://patchstack.com/database/vulnerability/woocommerce-gateway-gocardless/wordpress-woocommerce-gocardless-gateway-plugin-2-5-6-unauthenticated-insecure-direct-object-references-idor-vulnerability?_s_id=cve vdb-entry
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-37871
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37871
History
Created Old Value New Value Data Type Notes
2024-06-25 01:15:30 Added to TrackCVE