Lucene search
+L

4 matches found

Circl
Circl
added 2025/02/19 8:16 a.m.15 views

CVE-2024-13719

creationtimestamp| type| source ---|---|--- 2025-02-19 08:16:53+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lijdknorun2g 2025-02-19 08:41:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4797 2025-02-19 12:01:16+00:00| seen|...

5.3CVSS8.7AI score0.0046EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/19 7:32 a.m.34 views

CVE-2024-13719 PeproDev Ultimate Invoice <= 2.0.9 - Insecure Direct Object Reference to Unauthenticated Order Information Exposure

The PeproDev Ultimate Invoice plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.9 via the invoicing viewer due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view invoices for...

5.3CVSS0.0046EPSS
Exploits0References3
CVE
CVE
added 2025/02/19 7:32 a.m.41 views

CVE-2024-13719

CVE-2024-13719 relates to the PeproDev Ultimate Invoice plugin for WordPress. The vulnerability is an insecure direct object reference in the invoicing viewer that arises from missing validation of a user controlled key, allowing unauthenticated attackers to view invoices for completed orders and...

5.3CVSS7.3AI score0.0046EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/19 7:32 a.m.5 views

CVE-2024-13719 PeproDev Ultimate Invoice <= 2.0.9 - Insecure Direct Object Reference to Unauthenticated Order Information Exposure

The PeproDev Ultimate Invoice plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.9 via the invoicing viewer due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view invoices for...

5.3CVSS7.2AI score0.0046EPSS
Exploits0References3
Rows per page
Query Builder