2 matches found
CVE-2024-1688
The Woo Total Sales plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getordersarchive function in all versions up to, and including, 3.1.4. This makes it possible for unauthenticated attackers to retrieve sales reports for the store...
CVE-2024-1688
CVE-2024-1688 affects the Woo Total Sales plugin for WordPress. The vulnerability is due to a missing capability check in get_orders_archive(), allowing unauthenticated attackers to retrieve sales reports. Impact: information exposure of store sales data across all versions up to and including 3....