Lucene search
+L

4 matches found

Circl
Circl
added 2025/02/01 1:15 p.m.7 views

CVE-2024-13775

creationtimestamp| type| source ---|---|--- 2025-02-01 13:15:36+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh4luad33y2t 2025-02-01 15:37:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lh4tsb5g6b2g 2025-02-01 16:16:52+00:00| seen|...

5.4CVSS7.3AI score0.00229EPSS
Exploits0References4
NVD
NVD
added 2025/02/01 1:15 p.m.13 views

CVE-2024-13775

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to unauthorized access and loss of data due to missing capability checks on the 'ajaxdeletemessage', 'ajaxgetcustomerspartiallist', and 'ajaxgetadminslist' functions in all versions up to, and including, 17.8. This makes it...

5.4CVSS0.00229EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/01 12:21 p.m.15 views

CVE-2024-13775 WooCommerce Support Ticket System <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information Exposure

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to unauthorized access and loss of data due to missing capability checks on the 'ajaxdeletemessage', 'ajaxgetcustomerspartiallist', and 'ajaxgetadminslist' functions in all versions up to, and including, 17.8. This makes it...

5.4CVSS0.00229EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/01 12:21 p.m.6 views

CVE-2024-13775 WooCommerce Support Ticket System <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information Exposure

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to unauthorized access and loss of data due to missing capability checks on the 'ajaxdeletemessage', 'ajaxgetcustomerspartiallist', and 'ajaxgetadminslist' functions in all versions up to, and including, 17.8. This makes it...

5.4CVSS5.3AI score0.00229EPSS
Exploits0References2
Rows per page
Query Builder