CVE-2024-4233 - Vulnerability Details

- Broken Access Control vulnerability in multiple WordPress plugins by Tyche Softwares

Description

Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce, Tyche Softwares Arconix Shortcodes, Tyche Softwares Arconix FAQ.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.8.1; Arconix Shortcodes: from n/a through 2.1.10; Arconix FAQ: from n/a through 1.9.3.

Published: 2024-05-08

Score: 4.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Tyche Softwares

Print Invoice & Delivery Notes for WooCommerce

unaffected

Version	Status	Constraints
`n/a`	affected	≤ 4.8.1

Tyche Softwares

Arconix Shortcodes

unaffected

Version	Status	Constraints
`n/a`	affected	≤ 2.1.10

Tyche Softwares

Arconix FAQ

unaffected

Version	Status	Constraints
`n/a`	affected	≤ 1.9.3

No data.

No data available yet.

Remediation

Vendor Solution

Update Print Invoice & Delivery Notes for WooCommerce to 4.9.0 or a higher version.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-32785	Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce, Tyche Softwares Arconix Shortcodes, Tyche Softwares Arconix FAQ.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.8.1; Arconix Shortcodes: from n/a through 2.1.10; Arconix FAQ: from n/a through 1.9.3.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00148.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://patchstack.com/database/vulnerability/arconix-faq/wordpress-arconix-faq-plugin-1-9-3-broken-access-control-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/arconix-shortcodes/wordpress-arconix-shortcodes-plugin-2-1-10-broken-access-control-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/woocommerce-delivery-notes/wordpress-print-invoice-delivery-notes-for-woocommerce-plugin-4-8-1-broken-access-control-vulnerability?_s_id=cve

History

Tue, 28 Apr 2026 18:30:00 +0000

Type	Values Removed	Values Added
Description	Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce, Tyche Softwares Arconix Shortcodes, Tyche Softwares Arconix FAQ.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.8.1; Arconix Shortcodes: from n/a through 2.1.10; Arconix FAQ: from n/a through 1.9.3.	Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce, Tyche Softwares Arconix Shortcodes, Tyche Softwares Arconix FAQ.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.8.1; Arconix Shortcodes: from n/a through 2.1.10; Arconix FAQ: from n/a through 1.9.3.

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-05-08T13:19:59.655Z

Updated: 2026-04-28T16:10:08.359Z

Reserved: 2024-04-26T10:17:15.928Z

Link: CVE-2024-4233

Vulnrichment

Updated: 2024-08-01T20:33:52.986Z

NVD

Status : Deferred

Published: 2024-05-08T14:15:08.907

Modified: 2026-04-28T19:26:58.113

Link: CVE-2024-4233

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-862

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object