7 matches found
CVE-2024-37201
Missing Authorization vulnerability in javmah Woocommerce Customers Order History allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woocommerce Customers Order History: from n/a through 5.2.2...
PT-2024-27369 · Woocommerce · Woocommerce Customers Order History
Name of the Vulnerable Software and Affected Versions: WooCommerce Customers Order History versions through 5.2.2 Description: The issue is related to a Missing Authorization vulnerability in WooCommerce Customers Order History, allowing exploitation of incorrectly configured access control...
WordPress plugin Woocommerce Customers Order History 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Woocommerce Customers Order History plugin <= 5.2.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Woocommerce Customers Order History versions = 5.2.2...
WordPress Woocommerce Customers Order History Plugin <= 5.2.2 is vulnerable to Broken Access Control
Software Woocommerce Customers Order History Type Plugin Vulnerable versions = 5.2.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37201 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 813e88bf4b3c Credits Abdi Pranat...
WordPress Woocommerce Customers Order History Plugin <= 5.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Woocommerce Customers Order History Type Plugin Vulnerable versions = 5.2.1 Fixed in 5.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3720c02990cd Credits Rafie Muhamm...
WordPress Woocommerce Customers Order History plugin <= 5.2.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Woocommerce Customers Order History plugin versions = 5.2.0. Solution Update the WordPress Woocommerce Customers Order History plugin to the latest available version at least 5.2.1...