NotCVE - vendor:"Woocommerce Shipping Per Product" product:"Woocommerce Shipping Per Product"

1 results (0.031 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-51499 – WordPress WooCommerce Shipping Per Product plugin <= 2.5.4 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2023-51499

Missing Authorization vulnerability in WooCommerce WooCommerce Shipping Per Product.This issue affects WooCommerce Shipping Per Product: from n/a through 2.5.4. Vulnerabilidad de autorización faltante en WooCommerce WooCommerce Shipping Per Product. Este problema afecta el envío por producto de WooCommerce: desde n/a hasta 2.5.4. The WooCommerce Shipping Per Product plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.5.4. This makes it possible for authenticated attackers, with customer-level access and above, to perform an unauthorized action. • https://patchstack.com/database/vulnerability/woocommerce-shipping-per-product/wordpress-woocommerce-shipping-per-product-plugin-2-5-4-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •