{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:47:10.323","vulnerabilities":[{"cve":{"id":"CVE-2024-38747","sourceIdentifier":"audit@patchstack.com","published":"2024-08-13T11:15:15.967","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment Solutions Pte Ltd HitPay Payment Gateway for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects HitPay Payment Gateway for WooCommerce: from n/a through 4.1.3."},{"lang":"es","value":"Exposición de información confidencial a una vulnerabilidad de actor no autorizado en HitPay Payment Solutions Pte Ltd. HitPay Payment Gateway para WooCommerce permite el acceso a funciones no restringidas adecuadamente por las ACL. Este problema afecta a HitPay Payment Gateway para WooCommerce: desde n/a hasta 4.1.3."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/hitpay-payment-gateway/wordpress-hitpay-payment-gateway-for-woocommerce-plugin-4-1-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}