4 matches found
CVE-2024-4038 Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution
The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that does not proper...
CVE-2024-4038 Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution
The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that does not proper...
CVE-2024-4038
The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro WordPress plugin is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to 5.3.1. The issue arises because the plugin executes do_shortcode on a value without proper validation, enabling attackers to ...
WordPress Back In Stock Notifier for WooCommerce Plugin <= 5.3.1 is vulnerable to Broken Access Control
Software Back In Stock Notifier for WooCommerce Type Plugin Vulnerable versions = 5.3.1 Fixed in 5.3.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4038 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e7c0572382c3 Credits...