WooCommerce PayPal Checkout Vulnerability [CVE-2019-7441]
CVE Number – CVE-2019-7441
WooCommerce PayPal Checkout Payment Gateway plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by a parameter tampering flaw. By intercepting communication traffic and making change to the parameter value, an attacker could exploit this vulnerability to change the amount of the payment.
This tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data.
This issue applies to WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress.
At the time of publication there is no fix avaliable.
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.