Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:53 a.m.10 views

CVE-2023-3365

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.14 does not have authorisation when deleting shipment, allowing any authenticated users, such as subscriber to delete arbitrary shipment...

8.1CVSS6.7AI score0.00592EPSS
Exploits2References1
NVD
NVD
added 2023/08/07 3:15 p.m.22 views

CVE-2023-3365

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.14 does not have authorisation when deleting shipment, allowing any authenticated users, such as subscriber to delete arbitrary shipment...

8.1CVSS8AI score0.00592EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/08/07 2:31 p.m.16 views

CVE-2023-3365 MultiParcels Shipping For WooCommerce < 1.14.14 - Subscriber+ Arbitrary Shipment Deletion

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.14 does not have authorisation when deleting shipment, allowing any authenticated users, such as subscriber to delete arbitrary shipment...

6.7AI score0.00592EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/08/07 2:31 p.m.21 views

CVE-2023-3365 MultiParcels Shipping For WooCommerce < 1.14.14 - Subscriber+ Arbitrary Shipment Deletion

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.14 does not have authorisation when deleting shipment, allowing any authenticated users, such as subscriber to delete arbitrary shipment...

8.2AI score0.00592EPSS
Exploits2References1
CVE
CVE
added 2023/08/07 2:31 p.m.74 views

CVE-2023-3365

CVE-2023-3365 affects MultiParcels Shipping For WooCommerce (WordPress plugin). The root cause is missing authorization checks when deleting shipments, enabling any authenticated user (e.g., subscribers) to delete arbitrary shipments. Public sources in connected documents confirm this vulnerabili...

8.1CVSS8AI score0.00592EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.10 views

WordPress MultiParcels Shipping For WooCommerce Plugin < 1.14.14 is vulnerable to Broken Access Control

Software MultiParcels Shipping For WooCommerce Type Plugin Vulnerable versions 1.14.14 Fixed in 1.14.14 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3365 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c3c12e88b9f4 Credits Erwan ...

8.1CVSS6.8AI score0.00592EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder