{"id":"CVE-2018-20782","details":"The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages.","modified":"2026-03-14T09:29:04.056487Z","published":"2019-02-17T18:29:00.233Z","references":[{"type":"REPORT","url":"https://github.com/GloBee-Official/woocommerce-payment-api-plugin/issues/3"},{"type":"FIX","url":"https://github.com/GloBee-Official/woocommerce-payment-api-plugin/pull/2"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/46414/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/globee-official/woocommerce-payment-api-plugin","events":[{"introduced":"0"},{"fixed":"dd6686b9c15201391a7b6494124db4155f465102"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.1.2"}]}}],"versions":["v1.0.1","v1.1.0","v1.1.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20782.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}