CVE-2024-55992

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 16, 2024

CWE ID 862

Summary

CVE-2024-55992 is a newly disclosed vulnerability affecting WooCommerce Basic Ordernumbers, specifically versions from n/a to 1.4.4. This issue involves a Missing Authorization flaw that can be exploited when access control security levels are not properly configured. Malicious actors can potentially manipulate or access sensitive information, leading to potential data breaches or unauthorized modifications. Businesses using the WooCommerce Basic Ordernumbers plugin are advised to update to a secure version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1lo7GB
https://www.cve.org/CVERecord?id=CVE-2024-55992
https://nvd.nist.gov/vuln/detail/CVE-2024-55992

Back to Vulnerability Database

CVE-2024-55992

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations