Lucene search
PatchstackVULNRICHMENT:CVE-2024-31267HistoryJun 09, 2024 - 11:14 a.m.
CVE-2024-31267 WordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability
2024-06-0911:14:37
CWE-862
Patchstack
github.com
wordpress
woocommerce
checkout fields
vulnerability
broken access control
missing authorization
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Missing Authorization vulnerability in WP Desk Flexible Checkout Fields for WooCommerce.This issue affects Flexible Checkout Fields for WooCommerce: from n/a through 4.1.2.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "flexible-checkout-fields",
"product": "Flexible Checkout Fields for WooCommerce",
"vendor": "WP Desk",
"versions": [
{
"changes": [
{
"at": "4.1.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.1.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-31267
2024-06-09 12:15:10
cvelist
cvelist
nvd
nvd
CVE-2024-31267
2024-06-09 12:15:10
wpvulndb
wpvulndb
Flexible Checkout Fields for WooCommerce < 4.1.3 - Missing Authorization
2024-04-11 00:00:00
wordfence
wordfence
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for VULNRICHMENT:CVE-2024-31267