CVE-2024-38747

Name of the Vulnerable Software and Affected Versions HitPay Payment Gateway for WooCommerce versions n/a through 4.1.3

Description The issue affects the HitPay Payment Gateway for WooCommerce, allowing unauthorized access to sensitive information due to improperly constrained functionality by Access Control Lists (ACLs). This enables accessing functionality not properly restricted.

Recommendations For versions n/a through 4.1.3, update to a version later than 4.1.3 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.