EUVD-2023-52341

Malicious code in bioql PyPI...

CVE-2023-48274

Missing Authorization vulnerability in Mondial Relay WooCommerce - WCMultiShipping WCMultiShipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCMultiShipping: from n/a through 2.3.5...

CVE-2023-48274

Missing Authorization vulnerability in Mondial Relay WooCommerce - WCMultiShipping WCMultiShipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCMultiShipping: from n/a through 2.3.5...

WordPress WCMultiShipping Plugin <= 2.3.7 is vulnerable to Broken Access Control

Software WCMultiShipping Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e3e8c5ad85fa Credits Unknown Required privilege Subscriber...

WCMultiShipping < 2.3.6 - Missing Authorization to Log Export

Description The WCMultiShipping plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wmsexportlog function in all versions up to, and including, 2.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above,...

WordPress WCMultiShipping Plugin <= 2.3.5 is vulnerable to Broken Access Control

Software WCMultiShipping Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48274 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ae6198f38515 Credits Abdi Pranata Required...