The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcd_save_discount() function in all versions up to, and including, 4.12. This makes it possible for unauthenticated attackers to modify product category discounts that could lead to loss of revenue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-01-25T01:55:02.024Z
Updated: 2024-09-10T17:44:40.972Z
Reserved: 2024-01-16T18:10:23.707Z
Link: CVE-2024-0617
Vulnrichment
Updated: 2024-08-01T18:11:35.667Z
NVD
Status : Modified
Published: 2024-01-25T02:15:53.067
Modified: 2024-11-21T08:47:00.617
Link: CVE-2024-0617
Redhat
No data.