CVE-2024-13520 | codemenschen Gift Cards Plugin up to 4.4.6 on WordPress authorization

Inserito da Angelo Barbosa | Feb 20, 2025 | CVE

A vulnerability has been found in codemenschen Gift Cards Plugin up to 4.4.6 on WordPress and classified as problematic. Affected by this vulnerability is the function update_voucher_price/update_voucher_date/update_voucher_note. The manipulation leads to missing authorization.

This vulnerability is known as CVE-2024-13520. The attack can be launched remotely. There is no exploit available.

CVE-2024-13520 | codemenschen Gift Cards Plugin up to 4.4.6 on WordPress authorization

Post correlati

CVE-2023-47256 | ConnectWise ScreenConnect up to 23.8.4 Proxy Setting access control

CVE-2024-36509 | Fortinet FortiWeb up to 6.3.23/7.0.10/7.2.10/7.4.3/7.6.0 Log Access Event Page exposure of sensitive system information to an unauthorized control sphere (FG-IR-24-180)

CVE-2024-38885 | Horizon Business Services Caterease up to 24.0.1.2405 SQL User hard-coded password

CVE-2024-50838 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request department.php d/pi cross site scripting