2 matches found
CVE-2024-0870
The YITH WooCommerce Gift Cards plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savemailstatus' and 'saveemailsettings' functions in all versions up to, and including, 4.12.0. This makes it possible for unauthenticated attackers to...
WordPress YITH WooCommerce Gift Cards Plugin <= 4.12.0 is vulnerable to Broken Access Control
Software YITH WooCommerce Gift Cards Type Plugin Vulnerable versions = 4.12.0 Fixed in 4.13.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0870 Patch priority Low CVSS severity Low 5.3 Developer YITH PSID 8dd8ed435d7e Credits Francesco Carlucci Required...