Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/05 5:18 a.m.14 views

CVE-2024-1308

The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...

7.5CVSS6.7AI score0.00748EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/04/09 6:58 p.m.15 views

CVE-2024-1308

The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...

7.5CVSS7.3AI score0.00748EPSS
Exploits0References3
cve
cve
added 2024/04/09 6:58 p.m.58 views

CVE-2024-1308

The CVE-2024-1308 entry covers the WooCommerce Cloak Affiliate Links plugin for WordPress up to version 1.0.33, where a missing authorization check in the permalink_settings_save function allows unauthenticated modification of the affiliate permalink base, enabling traffic redirection to maliciou...

7.5CVSS9.1AI score0.00748EPSS
Exploits0References3
cvelist
cvelist
added 2024/04/09 6:58 p.m.26 views

CVE-2024-1308 WooCommerce Cloak Affiliate Links <= 1.0.33 - Missing Authorization to Unauthenticated Permalink Modification

The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...

7.5CVSS7.5AI score0.00748EPSS
Exploits0References3
patchstack
patchstack
added 2024/03/21 12:0 a.m.15 views

WordPress WooCommerce Cloak Affiliate Links Plugin <= 1.0.33 is vulnerable to Broken Access Control

Software WooCommerce Cloak Affiliate Links Type Plugin Vulnerable versions = 1.0.33 Fixed in 1.0.34 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1308 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 86ffc05e045a Credits Francesc...

7.5CVSS6.5AI score0.00748EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder