Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/16 6:21 a.m.11 views

CVE-2024-13692

The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.4.5 via several functions due to missing validation on a user...

5.4CVSS9.2AI score0.003EPSS
Exploits0References1
circl
circl
added 2025/02/14 5:25 a.m.14 views

CVE-2024-13692

creationtimestamp| type| source ---|---|--- 2025-02-14 05:25:19+00:00| seen| https://infosec.exchange/users/cve/statuses/114000574448510025 2025-02-14 06:16:18+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li4kigpvbe2h 2025-02-14 07:10:01+00:00| seen|...

5.4CVSS8.7AI score0.003EPSS
Exploits0References6
cve
cve
added 2025/02/14 5:22 a.m.61 views

CVE-2024-13692

The CVE-2024-13692 entry for Return Refund and Exchange For WooCommerce (woo-refund-and-exchange-lite) is confirmed as a real vulnerability. It is an Insecure Direct Object Reference (IDOR) in all versions up to 4.4.5 caused by missing validation on a user-controlled key. This flaw allows unauthe...

5.4CVSS5.4AI score0.003EPSS
Exploits0References6Affected Software1
vulnrichment
vulnrichment
added 2025/02/14 5:22 a.m.12 views

CVE-2024-13692 Return Refund and Exchange For WooCommerce <= 4.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference

The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.4.5 via several functions due to missing validation on a user...

5.4CVSS5.4AI score0.003EPSS
Exploits0References6
cvelist
cvelist
added 2025/02/14 5:22 a.m.29 views

CVE-2024-13692 Return Refund and Exchange For WooCommerce <= 4.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference

The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.4.5 via several functions due to missing validation on a user...

5.4CVSS0.003EPSS
Exploits0References6
Rows per page
Query Builder