WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Multiple Vulnerabilities

CVE-2024-39650

What is CVE-2024-39650?

A vulnerability exists in WPWeb Elite WooCommerce PDF Vouchers that allows attackers to exploit missing authorization controls. This vulnerability enables unauthorized access to functionalities that should be constrained by access control lists (ACLs). The affected versions of the WooCommerce PDF Vouchers plugin, including versions from n/a up to and including 4.9.4, exhibit these security weaknesses. It is crucial for site administrators using this plugin to review their configurations and apply necessary updates to mitigate potential risks associated with unauthorized functionality access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References