CVE-2023-49194

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 9, 2024
CWE ID 215

Summary

CVE-2023-49194 is a vulnerability affecting Importify, a popular WooCommerce plugin for dropshipping. The issue involves the insertion of sensitive information into debugging code, allowing unauthorized parties to retrieve embedded data. Affected versions of Importify range from the initial release through 1.0.4. This vulnerability poses a significant risk, as sensitive data can be exposed without proper authorization, potentially leading to data breaches and other malicious activities. Importify users are urged to update to the latest version or contact their service provider for assistance in mitigating this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share