CVE-2024-6448

Name of the Vulnerable Software and Affected Versions Mollie Payments for WooCommerce plugin for WordPress versions up to, and including, 7.7.0

Description The issue is related to information exposure due to error reporting being enabled by default in multiple plugin files. This allows unauthenticated attackers to obtain the full path to instances, which may be used in combination with other vulnerabilities or to simplify reconnaissance work. On its own, this information is of very limited use.

Recommendations For versions up to, and including, 7.7.0, consider disabling error reporting in the plugin files as a temporary workaround until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.