mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-24 15:54:10 +02:00
0xMarcio
942 B
942 B
CVE-2023-7294
Description
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the create_mollie_profile function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level access to create a mollie payment profile.
POC
Reference
No PoCs from references.