← Back

Duitku Payment Gateway

duitku_payment_gateway

Vendor: Duitku • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-0631
1Duitku
1Duitku Payment Gateway
Apr 8, 2026
Mar 13, 2024
N/A· v4
5.3 MEDIUM· v3
N/A· v2
The Duitku Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the check_duitku_response function in all versions up to, and including, 2.11.6. Thi...Show more
The Duitku Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the check_duitku_response function in all versions up to, and including, 2.11.6. This makes it possible for unauthenticated attackers to change the payment status of orders to failed.Show less