2 matches found
CVE-2024-1119
CVE-2024-1119 – Order Tip for WooCommerce (WordPress) : Unauthenticated users can export the plugin’s order fees due to a missing authorization check in export_tips_to_csv() across all versions up to 1.3.1. This is a broken access control vulnerability that enables data exposure. A fix is availab...
WordPress Order Tip for WooCommerce Plugin <= 1.3.1 is vulnerable to Broken Access Control
Software Order Tip for WooCommerce Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.4.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1119 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f66f4219506 Credits Francesco Carlucci...