Privilege Escalation Vulnerability in Simple Registration for WooCommerce
CVE-2024-32511

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: Simple Registration For WooCommerce
Vendor: CVE Published:; 17 May 2024

What is CVE-2024-32511?

An improper privilege management vulnerability in Astoundify's Simple Registration for WooCommerce potentially allows an attacker to exploit the system and escalate privileges. This vulnerability affects versions of the Simple Registration plugin, ranging from unnamed versions up to 1.5.6, highlighting the need for users to review their current installations and apply updates as necessary. Failure to address this issue could lead to unauthorized actions within the WooCommerce environment, compromising the integrity and confidentiality of user data.

Affected Version(s)

Simple Registration for WooCommerce <= 1.5.6

References

https://patchstack.com/database/vulnerability/woocommerce...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 17, 2024
Vulnerability Reserved
Apr 15, 2024

Credit

NGÔ THIÊN AN / ancorn_ from VNPT-VCI (Patchstack Alliance)

JSON

WordPress

What is CVE-2024-32511?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit