Vulnerabilities > CVE-2024-31276 - Missing Authorization vulnerability in Wpfactory Products, Order & Customers Export for Woocommerce

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

wpfactory

CWE-862

critical

NVD

Published: 2024-06-09

Updated: 2024-06-12

Summary

Missing Authorization vulnerability in WPFactory Products, Order & Customers Export for WooCommerce.This issue affects Products, Order & Customers Export for WooCommerce: from n/a through 2.0.8.

Vulnerable Configurations

Part	Description	Count
Application	Wpfactory Wpfactory Products, Order & Customers Export FOR Woocommerce - Wpfactory Products, Order & Customers Export FOR Woocommerce 1.0.0 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.1.0 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.2.0 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.2.1 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.3.0 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.4.0 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.5.0 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.5.1 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.5.2 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.5.3 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.5.4 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.5.5 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.6 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7.1 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7.2 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7.3 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7.4 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7.5 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7.6 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7.7 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.7.8 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.8 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.8.1 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.9 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.9.1 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.9.2 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.9.3 Wpfactory Products, Order & Customers Export FOR Woocommerce 1.9.4 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0.1 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0.2 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0.3 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0.4 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0.5 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0.6 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0.7 Wpfactory Products, Order & Customers Export FOR Woocommerce 2.0.8	39

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://patchstack.com/database/vulnerability/export-woocommerce/wordpress-products-order-customers-export-for-woocommerce-plugin-2-0-8-broken-access-control-vulnerability?_s_id=cve