Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:32 a.m.8 views

CVE-2024-0617

The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcdsavediscount function in all versions up to, and including, 4.12. This makes it possible for unauthenticated attackers to modify product category...

5.3CVSS6.6AI score0.0049EPSS
Exploits0References1
Circl
Circl
added 2024/01/25 3:26 a.m.6 views

CVE-2024-0617

creationtimestamp| type| source ---|---|--- 2024-01-25 03:26:53+00:00| seen| https://t.me/ctinow/173246 2024-02-18 07:06:32+00:00| seen| https://t.me/ctinow/187136...

5.3CVSS6.7AI score0.0049EPSS
Exploits0References2
NVD
NVD
added 2024/01/25 2:15 a.m.23 views

CVE-2024-0617

The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcdsavediscount function in all versions up to, and including, 4.12. This makes it possible for unauthenticated attackers to modify product category...

5.3CVSS5.1AI score0.0049EPSS
Exploits0References3
CVE
CVE
added 2024/01/25 1:55 a.m.65 views

CVE-2024-0617

The CVE-2024-0617 entry concerns the Category Discount Woocommerce plugin for WordPress. A missing capability check in the wpcd_save_discount() function affects all versions up to and including 4.12, enabling unauthenticated attackers to modify product category discounts and potentially cause rev...

5.3CVSS6AI score0.0049EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/01/24 12:0 a.m.9 views

WordPress Category Discount Woocommerce Plugin <= 4.12 is vulnerable to Broken Access Control

Software Category Discount Woocommerce Type Plugin Vulnerable versions = 4.12 Fixed in 4.13 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0617 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 26f9aa0c44b8 Credits Krzysztof Zając...

5.3CVSS6.9AI score0.0049EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/01/24 12:0 a.m.11 views

WordPress Category Discount Woocommerce Plugin <= 4.11 is vulnerable to Cross Site Request Forgery (CSRF)

Software Category Discount Woocommerce Type Plugin Vulnerable versions = 4.11 Fixed in 4.12 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0617 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cff1c97352ca Credits Krzyszto...

5.3CVSS7AI score0.0049EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder