Lucene search
+L

7 matches found

Cvelist
Cvelist
added 2026/07/09 9:31 a.m.32 views

CVE-2026-9240 Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order Shipment Modification via lpc_order_affect AJAX action

The Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateShippingMethod function registered to the wpajaxlpcorderaffect AJAX action in versions up to, and including, 2.9.0...

4.3CVSS0.00196EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/09 9:31 a.m.7 views

CVE-2026-9240

The Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateShippingMethod function registered to the wpajaxlpcorderaffect AJAX action in versions up to, and including, 2.9.0...

4.3CVSS6AI score0.00196EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 3:16 p.m.10 views

CVE-2026-57341

Unauthenticated Insecure Direct Object References IDOR in Colissimo Officiel : Méthodes de livraison pour WooCommerce = 2.9.0 versions...

6.5CVSS0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 1:36 p.m.34 views

CVE-2026-57341 WordPress Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin <= 2.9.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Colissimo Officiel : Méthodes de livraison pour WooCommerce = 2.9.0 versions...

6.5CVSS0.00258EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 1:36 p.m.15 views

CVE-2026-57341

The CVE-2026-57341 entry describes an Unauthenticated Insecure Direct Object References (IDOR) vulnerability in the Colissimo Officiel: Méthodes de livraison pour WooCommerce plugin for WordPress, affecting versions

6.5CVSS5.8AI score0.00258EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/29 9:56 a.m.6 views

WordPress Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin <= 2.9.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by HieuPenguinnn in WordPress Plugin Colissimo Officiel : Méthodes de livraison pour WooCommerce versions = 2.9.0...

6.5CVSS5.8AI score0.00258EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.15 views

PT-2026-53302

Name of the Vulnerable Software and Affected Versions Colissimo Officiel : Méthodes de livraison pour WooCommerce versions prior to 2.9.1 Description An unauthenticated Insecure Direct Object Reference IDOR exists in the software. IDOR is a type of access control vulnerability that occurs when an...

6.5CVSS6AI score0.00258EPSS
Exploits0References3
Rows per page
Query Builder