cleantalk
Vulnerabilities and Security Researches

Mollie Payments for WooCommerce, CVE-2024-6448

CVE, Research URL

CVE-2024-6448

Home page URL

Security reports for Mollie Payments for WooCommerce

Application

Mollie Payments for WooCommerce

Published on
Aug 28, 2024
Research Description
The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 7.7.0. This is due to the error reporting being enabled by default in multiple plugin files. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other vulnerabilities or to simplify reconnaissance work. On its own, this information is of very limited use.
Affected versions
Min -, max 7.8.0.
Status
vulnerable
Previous vulnerability researches
Mollie Payments for WooCommerce (CVE-2024-6448) , Aug 28, 2024
Mollie Payments for WooCommerce (CVE-2023-6090) , Jun 07, 2024
Mollie Payments for WooCommerce (CVE-2025-39362) , Jul 03, 2025
New vulnerability
WP Map Block – Gutenberg Map Block for Google Map and OpenStreet Map (CVE-2025-5194) , Jul 04, 2025
Amazon Products to WooCommerce (CVE-2025-5817) , Jul 04, 2025
WP-Recall – Registration, Profile, Commerce & More (CVE-2025-49991) , Jul 04, 2025
WP-Recall – Registration, Profile, Commerce & More (CVE-2025-52796) , Jul 04, 2025
Navayan Subscribe (CVE-2025-53311) , Jul 04, 2025