exploitDog

CVE-2024-39650

Опубликовано: 01 нояб. 2024

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

EPSS Низкий

Описание

Missing Authorization vulnerability in WPWeb Elite WooCommerce PDF Vouchers allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WooCommerce PDF Vouchers: from n/a through 4.9.4.

Ссылки

https://patchstack.com/database/vulnerability/woocommerce-pdf-vouchers/wordpress-woocommerce-pdf-vouchers-plugin-4-9-3-unauthenticated-multiple-vulnerabilities?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wpwebelite:woocommerce_pdf_vouchers:*:*:*:*:*:wordpress:*:*

Версия до 4.9.5 (исключая)

EPSS

Процентиль: 44%

0.00219

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-68hh-g5c3-pjg2

CVSS3: 7.3

github

больше 1 года назад

Missing Authorization vulnerability in WPWeb Elite WooCommerce PDF Vouchers allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WooCommerce PDF Vouchers: from n/a through 4.9.4.

EPSS

Процентиль: 44%

0.00219

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-862