3 matches found
CVE-2024-24711
CVE-2024-24711 refers to a Missing Authorization vulnerability in the WordPress plugin WooCommerce Conversion Tracking (weDevs) affecting versions n/a–2.11. The issue arises from a missing capability check on the wcct_install_happy_addons function, allowing authenticated users (e.g., subscribers)...
CVE-2024-24711 WordPress WooCommerce Conversion Tracking plugin <= 2.0.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11...
WordPress WooCommerce Conversion Tracking Plugin <= 2.0.11 is vulnerable to Broken Access Control
Software WooCommerce Conversion Tracking Type Plugin Vulnerable versions = 2.0.11 Fixed in 2.0.12 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-24711 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f258cf84223e Credits Abdi Pranat...