3 matches found
CVE-2024-7491
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.6.1 via the woofmessengerremovesubscr AJAX action due to missing validation on the 'key' user controlled key. This makes it...
CVE-2024-7491 HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.1 - Insecure Direct Object Reference to Unsubscribe
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.6.1 via the woofmessengerremovesubscr AJAX action due to missing validation on the 'key' user controlled key. This makes it...
WordPress HUSKY Plugin <= 1.3.6.1 is vulnerable to Insecure Direct Object References (IDOR)
Software HUSKY Type Plugin Vulnerable versions = 1.3.6.1 Fixed in 1.3.6.2 OWASP Top 10 A4: Insecure Design Classification Insecure Direct Object References IDOR CVE CVE-2024-7491 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f141f252795c Credits shaman0x01 Required...