Cardgate Payments
By the Year
In 2024 there have been 0 vulnerabilities in Cardgate Payments . Cardgate Payments did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 2 | 8.10 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Cardgate Payments vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cardgate Payments Security Vulnerabilities
An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2
CVE-2020-8818
8.1 - High
- February 25, 2020
An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
Origin Validation Error
An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce
CVE-2020-8819
8.1 - High
- February 25, 2020
An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
Origin Validation Error
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cardgate Payments or by Cardgate? Click the Watch button to subscribe.