CVE-2024-10614

Vulnerability Description

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, 5.61.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to cancel and import or check on the status.

Vulnerability Details

Published Date

November 16, 2024

Last Modified

February 05, 2025

Source

NVD

CVE-2024-10614

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment