Input validation vulnerability in Authorize.net Payment Gateway For WooCommerce 8.0

The Authorize.net Payment Gateway for WooCommerce, a plugin used with the WordPress platform, has a security flaw that allows unauthorized individuals to bypass the payment process and mark orders as paid. This vulnerability affects all versions of the plugin up to version 8.0. It occurs because the plugin does not properly check the validity of requests to update payment statuses for orders. This means that attackers without proper authentication can manipulate the payment status of orders, allowing them to mark them as paid without actually making a payment.

Detected in:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Is this information incorrect? Please leave us a message.