PT-2024-12140 · Wp Swings · Points/Rewards For Woocommerce

Dave Jong

Published

2024-03-25

Updated

2024-03-25

CVE-2023-27608

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Points and Rewards for WooCommerce versions 1.5.0 and earlier

Description The issue is related to a Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.

Recommendations For versions 1.5.0 and earlier, update to a version later than 1.5.0 to resolve the issue. At the moment, there is no information about other mitigation measures for this vulnerability.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2023-27608

Affected Products

Points/Rewards For Woocommerce

PT-2024-12140 · Wp Swings · Points/Rewards For Woocommerce

CVE-2023-27608

Weakness Enumeration

Related Identifiers

Affected Products

References · 5