Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:20 a.m.5 views

CVE-2024-10437

The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to unauthorized Smar Message activation/deactivation due to a missing capability check on the ajaxenable function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS5.2AI score0.00354EPSS
Exploits0References1
Circl
Circl
added 2024/10/29 12:15 p.m.5 views

CVE-2024-10437

creationtimestamp| type| source ---|---|--- 2024-10-29 12:15:35+00:00| seen| https://t.me/cvedetector/9274...

4.3CVSS4.8AI score0.00354EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/29 9:31 a.m.8 views

CVE-2024-10437 WPC Smart Messages for WooCommerce <= 4.2.1 - Missing Authorization to Authenticated (Subscriber+) Message Activation/Deactivation

The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to unauthorized Smar Message activation/deactivation due to a missing capability check on the ajaxenable function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS6.7AI score0.00354EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.9 views

WordPress WPC Smart Messages for WooCommerce Plugin <= 4.2.1 is vulnerable to Broken Access Control

Software WPC Smart Messages for WooCommerce Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10437 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0c11597d7fa3 Credits Francesco...

4.3CVSS6.5AI score0.00354EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder