2 matches found
CVE-2024-5769
CVE-2024-5769 (MIMO Woocommerce Order Tracking, WordPress) The vulnerability stems from a missing capability check in multiple functions across all versions up to 1.0.2, allowing authenticated attackers with Subscriber-level access and above to add, update, or delete shipper tracking settings (da...
CVE-2024-5769 MIMO Woocommerce Order Tracking <= 1.0.2 - Missing Authorization to Limited Settings Update
The MIMO Woocommerce Order Tracking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and abov...