EUVD-2024-37588

Malicious code in bioql PyPI...

CVE-2024-38740

Missing Authorization vulnerability in Packlink Shipping S.L. Packlink PRO shipping module allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Packlink PRO shipping module: from n/a through 3.4.6...

CVE-2024-38740 WordPress Packlink PRO shipping module plugin <= 3.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Packlink Shipping S.L. Packlink PRO shipping module allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Packlink PRO shipping module: from n/a through 3.4.6...

CVE-2024-38740

CVE-2024-38740 describes a Missing Authorization vulnerability in the WordPress plugin “Packlink PRO shipping module” used by Packlink Shipping S.L. The issue allows exploitation of incorrectly configured access control security levels (Broken Access Control) and affects Packlink PRO shipping mod...

PT-2024-28184 · Packlink · Packlink Pro Shipping Module

Name of the Vulnerable Software and Affected Versions: Packlink PRO shipping module versions 3.4.6 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Packlink PRO shipping module, which allows exploitation due to incorrectly configured access control...

WordPress plugin Packlink PRO shipping module 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Packlink PRO shipping module plugin <= 3.4.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das in WordPress Plugin Packlink PRO shipping module versions = 3.4.6...

WordPress Packlink PRO shipping module Plugin <= 3.4.6 is vulnerable to Broken Access Control

Software Packlink PRO shipping module Type Plugin Vulnerable versions = 3.4.6 Fixed in 3.4.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-38740 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID fbec632c2a75 Credits Dhabaleshwar Das...

CVE-2022-4601 Shoplazza LifeStyle Shipping/Member Discount/Icon cross site scripting

A vulnerability was found in Shoplazza LifeStyle 1.1. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/api/theme-edit/ of the component Shipping/Member Discount/Icon. The manipulation leads to cross site scripting. The attack can be initiated remotel...