4 matches found
Missing Authorization
Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to Missing Authorization in the orderStateTransition process. An attacker can modify order states without proper privileges by sending crafted API reques...
Improper Authorization
Overview Affected versions of this package are vulnerable to Improper Authorization in the capturePayment, cancel, mark paid, mark complete, archive, start processing, mark delivered, and edit tracking actions within the admin panel components. An attacker can perform unauthorized modifications t...
WordPress Appmax plugin <= 1.0.3 - Missing Authorization to Order Status Manipulation and Arbitrary Order Creation via Webhook Endpoint vulnerability
Missing Authorization to Order Status Manipulation and Arbitrary Order Creation via Webhook Endpoint vulnerability discovered by WordFence in WordPress Plugin Appmax versions = 1.0.3...
EUVD-2024-0229
Malicious code in bioql PyPI...