Vulnerabilities > Etoilewebdesign > Order Tracking
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-01 | CVE-2024-43343 | Missing Authorization vulnerability in Etoilewebdesign Order Tracking Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12. | 8.8 |
| 2023-08-31 | CVE-2023-4500 | Unspecified vulnerability in Etoilewebdesign Order Tracking 3.3.6 The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. | 4.8 |