PT-2024-12922 · Woocommerce · Category Slider For Woocommerce

Abdi Pranata

Published

2024-12-13

Updated

2024-12-17

CVE-2023-41132

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Category Slider for WooCommerce versions 1.4.15 and earlier

Description The issue affects the Category Slider for WooCommerce plugin, allowing exploitation of incorrectly configured access control security levels due to a missing authorization vulnerability. This results in broken access control.

Recommendations For Category Slider for WooCommerce version 1.4.15 and earlier, update the plugin to the latest version to protect the site and mitigate risks. As a temporary workaround, consider restricting access to sensitive areas of the site until the update is applied.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2023-41132

Affected Products

Category Slider For Woocommerce

PT-2024-12922 · Woocommerce · Category Slider For Woocommerce

CVE-2023-41132

Weakness Enumeration

Related Identifiers

Affected Products

References · 10