In WooCommerce Multilingual & Multicurrency versions up to 5.3.6 a medium severity vulnerability CVE-2024-44006 was detected. This vulnerability allows attackers to exploit incorrectly configured access control security levels, potentially bypassing authorization controls. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-44006.
Read more E-commerceIn WooCommerce PDF Voucher plugin versions 4.9.4 and prior a high severity vulnerability CVE-2024-39650 was detected. This vulnerability allows missing capability checks in several functions, leading to unauthorized access. Unauthenticated attackers can exploit this to perform actions intended for admins. To fix this issue, users need to update to versions 4.9.5 or above. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-39650.
Read more E-commerceIn WooCommerce Product Delivery Date plugin versions 2.7.2 and prior a medium severity vulnerability CVE-2024-38702 was found. This vulnerability lacks authorization controls, allowing unauthorized access to functions that should be restricted by Access Control Lists (ACLs). To fix this issue, users need to update to versions 2.7.3 or above. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-38702.
Read more E-commerceIn WooCommerce PDF Invoices & Packing Slips versions up to 3.8.6 a medium severity vulnerability CVE-2024-5042, was detected. This allows attackers to exploit incorrectly configured access control security levels, potentially leading to unauthorized access. To fix this issue, users must upgrade to version 3.8.7. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-50421.
Read more E-commerceIn Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, and 2.4.4-p10 a medium severity vulnerability CVE-2024-45131 was detected. This vulnerability allows attackers with limited access to bypass security restrictions and potentially access sensitive information or perform unauthorized actions within Adobe Commerce. To fix this issue, users should upgrade Adobe Commerce to versions 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-45131.
Read more E-commerceIn Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 a high severity vulnerability CVE-2024-45133 was detected. This vulnerability allows attackers with admin access to bypass security features, potentially exposing sensitive information and enabling further attacks. To fix this issue, users should upgrade Adobe Commerce to versions 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-45133.
Read more E-commerceIn Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 a medium severity vulnerability CVE-2024-45130 was detected. This vulnerability allows attackers with limited access to bypass security restrictions and perform unauthorized actions within the system. To fix this issue, users should upgrade Adobe Commerce to versions 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-45130.
Read more E-commerceIn Magento (Adobe Commerce) versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, and 2.4.4-p10 a medium severity vulnerability CVE-2024-45135 was detected. This vulnerability allows attackers with admin access to bypass security measures in Adobe Commerce, so it’s essential to upgrade and review admin rights regularly. To fix this issue, users should upgrade Adobe Commerce to versions 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-45135.
Read more E-commerceIn Magento (Adobe Commerce) versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier a low severity vulnerability CVE-2024-45134 was detected. This vulnerability allows an admin attacker to bypass security features, potentially exposing sensitive information and aiding further attacks. To fix this problem, users should upgrade to version 2.4.7-p3. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-45134.
Read more E-commerce