Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:35 a.m.9 views

CVE-2024-12210

The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcdnremoveshoplogo' AJAX action in all versions up to, and including, 5.4.0. This makes it possible for authenticated attackers, wit...

4.3CVSS6.5AI score0.00267EPSS
Exploits0References1
NVD
NVD
added 2024/12/24 6:15 a.m.11 views

CVE-2024-12210

The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcdnremoveshoplogo' AJAX action in all versions up to, and including, 5.4.0. This makes it possible for authenticated attackers, wit...

4.3CVSS0.00267EPSS
Exploits0References2
Circl
Circl
added 2024/12/24 5:28 a.m.8 views

CVE-2024-12210

creationtimestamp| type| source ---|---|--- 2024-12-24 05:28:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113706144911930667 2024-12-24 06:15:56+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldzs7vtf2o2i 2024-12-24 07:42:49+00:00| seen|...

4.3CVSS8.7AI score0.00267EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/24 5:23 a.m.21 views

CVE-2024-12210 Print Invoice & Delivery Notes for WooCommerce <= 5.4.0 - Missing Authorization to Authenticated (Subscriber+) Logo Deletion

The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcdnremoveshoplogo' AJAX action in all versions up to, and including, 5.4.0. This makes it possible for authenticated attackers, wit...

4.3CVSS0.00267EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/24 5:23 a.m.11 views

CVE-2024-12210 Print Invoice & Delivery Notes for WooCommerce <= 5.4.0 - Missing Authorization to Authenticated (Subscriber+) Logo Deletion

The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcdnremoveshoplogo' AJAX action in all versions up to, and including, 5.4.0. This makes it possible for authenticated attackers, wit...

4.3CVSS6.5AI score0.00267EPSS
Exploits0References2
Rows per page
Query Builder