CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43312 – WordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.1.9 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-43312
16 Aug 2024 — Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Frequently Bought Together for WooCommerce: from n/a through 7.1.9. The WPC Frequently Bought Together for WooCommerce plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the ajax_add_rule, ajax_add_combination, and ajax_search_term functions in versions... • https://patchstack.com/database/vulnerability/woo-bought-together/wordpress-wpc-frequently-bought-together-for-woocommerce-plugin-7-1-9-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32687 – WordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.0.3 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-32687
17 Apr 2024 — Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce.This issue affects WPC Frequently Bought Together for WooCommerce: from n/a through 7.0.3. Vulnerabilidad de autorización faltante en WPClever WPC Frequently Bought Together for WooCommerce. Este problema afecta a WPC frecuentemente comprado juntos para WooCommerce: desde n/a hasta 7.0.3. The WPC Frequently Bought Together for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing c... • https://patchstack.com/database/vulnerability/woo-bought-together/wordpress-wpc-frequently-bought-together-for-woocommerce-plugin-7-0-3-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •