WordPress Tipsacarrier plugin access control error vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress...

CVE-2021-25002

The Tipsacarrier WordPress plugin before 1.5.0.5 does not have any authorisation check in place some functions, which could allow unauthenticated users to access Orders data which could be used to retrieve the client full address, name and phone via tracking URL...

WordPress plugin Tipsacarrier 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress...

PT-2022-9559 · WordPress · Tipsacarrier Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Tipsacarrier WordPress plugin versions prior to 1.5.0.5 Description: The issue concerns a lack of authorization checks in certain functions, allowing unauthenticated users to access Orders data. This could potentially be used to retrieve clie...