Lucene search
+L

4 matches found

Patchstack
Patchstack
added 2025/05/19 12:36 a.m.6 views

WordPress WP ERP plugin < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information vulnerability

Custom+ Unauthorized Access to Terminated Employee Information vulnerability discovered by Pedro Cuco Illex in WordPress Plugin WP ERP versions 1.13.4...

7.5CVSS6.7AI score0.00444EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/15 8:6 p.m.8 views

CVE-2024-12812 WP ERP < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information

The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 is affected by an IDOR issue where employees can manipulate parameters to access the data of terminated employees...

7.4AI score0.00444EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:6 p.m.41 views

CVE-2024-12812

CVE-2024-12812 affects the WP ERP plugin for WordPress (WooCommerce CRM & Accounting), specifically versions prior to 1.13.4. The issue is an IDOR that lets authenticated users manipulate parameters to access data of terminated employees. The root cause is improper access control around parameter...

7.5CVSS7.4AI score0.00444EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/05/15 8:6 p.m.5 views

CVE-2024-12812 WP ERP < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information

The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 is affected by an IDOR issue where employees can manipulate parameters to access the data of terminated employees...

7.5CVSS5.9AI score0.00444EPSS
Exploits1References3
Rows per page
Query Builder