3 matches found
CVE-2024-43343 WordPress Order Tracking – WordPress Status Tracking Plugin plugin < 3.3.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12...
CVE-2024-43343
CVE-2024-43343 affects the WordPress Order Tracking (Order Tracking – WordPress Status Tracking Plugin) up to version 3.3.12, with Missing Authorization due to ACL enforcement gaps enabling unauthorized access to certain functions. Root cause: lack of proper authorization checks in Order Tracking...
WordPress Order Tracking Plugin < 3.3.13 is vulnerable to Broken Access Control
Software Order Tracking Type Plugin Vulnerable versions 3.3.13 Fixed in 3.3.13 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43343 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID da6200de622c Credits Abdi Pranata Required privileg...