CVE-2023-36519
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Dec 13, 2024
CWE ID 862
Summary
CVE-2023-36519 is a newly disclosed vulnerability affecting wpthemego's SW Product Bundles. The issue involves missing authorization, enabling unauthorized access to potentially sensitive data. This flaw can be exploited when access control security levels are incorrectly configured. The vulnerability exists in SW Product Bundles ranging from the undisclosed older version to 2.0.15. It is essential for users to update their software to mitigate this risk and secure their systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share