CVE-2024-39416 Unauthorized user can export Orders Sale Report

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information...

CVE-2023-7068

The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on theprintpackinglist action in all versions up to, and including, 4.3.0. This makes it possible for authenticated...

Information disclosure

The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on theprintpackinglist action in all versions up to, and including, 4.3.0. This makes it possible for authenticated...

WooCommerce PDF Invoices < 4.3.1 - Subscriber+ Arbitrary Order Export

Description The plugin is vulnerable to unauthorized access of data due to a missing capability check on theprintpackinglist action. This makes it possible for authenticated attackers, with subscriber-level access and above, to export orders which can contain sensitive information...

WordPress Plugin Export All Posts, Products, Orders, Refunds & Users Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...