WPC Grouped Product for WooCommerce < 4.4.3 - Missing Authorization

Description The WPC Grouped Product for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ajaxupdatesearchsettings, ajaxgetplugins, and ajaxgetessentialkit functions in all versions up to, and including, 4.4.2. This makes it possible fo...

CVE-2024-32520

Missing Authorization vulnerability in WPClever WPC Grouped Product for WooCommerce.This issue affects WPC Grouped Product for WooCommerce: from n/a through 4.4.2...

WordPress Plugin WPC Grouped Product for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin WPC...

WordPress WPC Grouped Product for WooCommerce plugin <= 4.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin WPC Grouped Product for WooCommerce versions = 4.4.2...

WordPress WPC Grouped Product for WooCommerce Plugin <= 4.4.2 is vulnerable to Broken Access Control

Software WPC Grouped Product for WooCommerce Type Plugin Vulnerable versions = 4.4.2 Fixed in 4.4.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32520 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 18460ef99dba Credits Abdi...