WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Tipsacarrier plugin version 1.4.4.2 and prior versions are vulnerable to an access control error that stems from a failure to perform any authorization checks. An unauthenticated attacker could use this vulnerability to access order data that could be used to retrieve a customer’s full address, name and phone number via a tracking URL.
CPE | Name | Operator | Version |
---|---|---|---|
WordPress Tipsacarrier plugin <=1. | eq | 4.4.2 |