Search criteria
2 vulnerabilities found for Checkout with Zelle on Woocommerce by The African Boss
CVE-2023-37969 (GCVE-0-2023-37969)
Vulnerability from cvelistv5 – Published: 2024-12-13 14:23 – Updated: 2024-12-13 20:43
VLAI?
Title
WordPress Checkout with Zelle on Woocommerce plugin <= 3.1 - Broken Access Control vulnerability
Summary
Missing Authorization vulnerability in The African Boss Checkout with Zelle on Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout with Zelle on Woocommerce: from n/a through 3.1.
Severity ?
5.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The African Boss | Checkout with Zelle on Woocommerce |
Affected:
n/a , ≤ 3.1
(custom)
|
Credits
Mika (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37969",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-13T20:42:58.543488Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-13T20:43:24.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wc-zelle",
"product": "Checkout with Zelle on Woocommerce",
"vendor": "The African Boss",
"versions": [
{
"changes": [
{
"at": "3.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mika (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing Authorization vulnerability in The African Boss Checkout with Zelle on Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Checkout with Zelle on Woocommerce: from n/a through 3.1.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in The African Boss Checkout with Zelle on Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout with Zelle on Woocommerce: from n/a through 3.1."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-13T14:23:50.866Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wc-zelle/vulnerability/wordpress-checkout-with-zelle-on-woocommerce-plugin-3-1-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Checkout with Zelle on Woocommerce plugin to the latest available version (at least 3.1.1)."
}
],
"value": "Update the WordPress Checkout with Zelle on Woocommerce plugin to the latest available version (at least 3.1.1)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Checkout with Zelle on Woocommerce plugin \u003c= 3.1 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-37969",
"datePublished": "2024-12-13T14:23:50.866Z",
"dateReserved": "2023-07-11T11:34:41.812Z",
"dateUpdated": "2024-12-13T20:43:24.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37969 (GCVE-0-2023-37969)
Vulnerability from nvd – Published: 2024-12-13 14:23 – Updated: 2024-12-13 20:43
VLAI?
Title
WordPress Checkout with Zelle on Woocommerce plugin <= 3.1 - Broken Access Control vulnerability
Summary
Missing Authorization vulnerability in The African Boss Checkout with Zelle on Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout with Zelle on Woocommerce: from n/a through 3.1.
Severity ?
5.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The African Boss | Checkout with Zelle on Woocommerce |
Affected:
n/a , ≤ 3.1
(custom)
|
Credits
Mika (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37969",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-13T20:42:58.543488Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-13T20:43:24.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wc-zelle",
"product": "Checkout with Zelle on Woocommerce",
"vendor": "The African Boss",
"versions": [
{
"changes": [
{
"at": "3.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mika (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing Authorization vulnerability in The African Boss Checkout with Zelle on Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Checkout with Zelle on Woocommerce: from n/a through 3.1.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in The African Boss Checkout with Zelle on Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout with Zelle on Woocommerce: from n/a through 3.1."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-13T14:23:50.866Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wc-zelle/vulnerability/wordpress-checkout-with-zelle-on-woocommerce-plugin-3-1-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Checkout with Zelle on Woocommerce plugin to the latest available version (at least 3.1.1)."
}
],
"value": "Update the WordPress Checkout with Zelle on Woocommerce plugin to the latest available version (at least 3.1.1)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Checkout with Zelle on Woocommerce plugin \u003c= 3.1 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-37969",
"datePublished": "2024-12-13T14:23:50.866Z",
"dateReserved": "2023-07-11T11:34:41.812Z",
"dateUpdated": "2024-12-13T20:43:24.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}