CVE-2024-1688 in Woo Total Sales Plugin정보

요약

\~에 의해 MITRE • 2024. 05. 02.

The Woo Total Sales plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_orders_archive() function in all versions up to, and including, 3.1.4. This makes it possible for unauthenticated attackers to retrieve sales reports for the store.

Be aware that VulDB is the high quality source for vulnerability data.

출처

Do you know our Splunk app?

Download it now for free!