Vulnerabilities and security researches forklarna-checkout-for-woocommerce klarna-checkout-for-woocommerce

Jun 07, 2024

CVE, Research URL: 47a365ab9e38524d0e20dfc563b5b8264000e9e6
Home page URL: Security reports for Klarna Checkout for WooCommerce
Application: Klarna Checkout for WooCommerce
Date: Apr 08, 2020
Research Description: Klarna Checkout for WooCommerce [klarna-checkout-for-woocommerce] < 2.0.10 WordPress Klarna Checkout for WooCommerce plugin <= 2.0.9 - Authenticated Unauthorized Plugin Changes vulnerability Authenticated Unauthorized Plugin Changes vulnerability discovered in WordPress Klarna Checkout for WooCommerce plugin (versions <= 2.0.9).
Affected versions: max 2.0.10.
Status: vulnerable

Apr 19, 2025

CVE, Research URL: CVE-2024-13925
Home page URL: Security reports for Klarna Checkout for WooCommerce
Application: Klarna Checkout for WooCommerce
Date: Apr 17, 2025
Research Description: The Klarna Checkout for WooCommerce WordPress plugin before 2.13.5 exposes an unauthenticated WooCommerce Ajax endpoint that allows an attacker to flood the log files with data at the maximum size allowed for a POST parameter per request. This can result in rapid consumption of disk space, potentially filling the entire disk.
Affected versions: max 2.13.5.
Status: vulnerable