2 matches found
CVE-2024-4450
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the ImportAjaxController.php file in all versions up to, and including, 3.3.6. This makes it possible for authenticated attackers, with...
WordPress Ali2Woo Lite Plugin <= 3.3.6 is vulnerable to Broken Access Control
Software Ali2Woo Lite Type Plugin Vulnerable versions = 3.3.6 Fixed in 3.3.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4450 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID f7ad6ff2580e Credits Lucio Sá Required privilege...