3 matches found
CVE-2024-6799
creationtimestamp| type| source ---|---|--- 2024-07-19 11:11:28+00:00| seen| https://t.me/cvedetector/1200...
CVE-2024-6799
CVE-2024-6799 affects YITH Essential Kit for WooCommerce #1 (WordPress) and, per connected sources, versions up to 2.34.0 are vulnerable due to a missing capability check in activate_module, deactivate_module, and install_module. This allows authenticated users with Subscriber+ privileges to inst...
WordPress YITH Essential Kit for WooCommerce #1 Plugin <= 2.34.0 is vulnerable to Broken Access Control
Software YITH Essential Kit for WooCommerce 1 Type Plugin Vulnerable versions = 2.34.0 Fixed in 2.35.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6799 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f3f670016683 Credits Lucio S...