CVE-2024-11725 | cozyvision1 SMS Alert Order Notifications Plugin up to 3.7.6 on WordPress Setting updateWcWarrantySettings authorization

Posted by Angelo Barbosa | Jan 7, 2025 | CVE

A vulnerability, which was classified as critical, has been found in cozyvision1 SMS Alert Order Notifications Plugin up to 3.7.6 on WordPress. Affected by this issue is the function updateWcWarrantySettings of the component Setting Handler. The manipulation leads to missing authorization.

This vulnerability is handled as CVE-2024-11725. The attack may be launched remotely. There is no exploit available.

CVE-2024-11725 | cozyvision1 SMS Alert Order Notifications Plugin up to 3.7.6 on WordPress Setting updateWcWarrantySettings authorization

Related Posts

CVE-2024-21123 | Oracle Database Enterprise Edition up to 19.23 Core improper authorization

CVE-2024-9825 | Progress Chef Habitat Builder up to 20240913 authorization

CVE-2023-33109 | Qualcomm QCA667 WMI P2P Listen Start Command denial of service

CVE-2024-40038 | idcCMS 1.35 userScore_deal.php cross-site request forgery