cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-5769,https://securityvulnerability.io/vulnerability/CVE-2024-5769,Unauthorized Data Modification in MIMO WooCommerce Order Tracking Plugin for WordPress,"The MIMO WooCommerce Order Tracking plugin for WordPress has a vulnerability that allows authenticated attackers with Subscriber-level access and above to modify shipper tracking settings. This issue arises due to a lack of proper capability checks on several critical functions within the plugin. As a result, malicious users can add, update, or delete tracking information, potentially leading to misinformation or disruption of order tracking functionality.",Wordpress,Mimo WooCommerce Order Tracking,4.3,MEDIUM,0.0006799999973736703,false,,false,false,false,false,false,false,2025-01-09T11:10:56.814Z,0
CVE-2024-5768,https://securityvulnerability.io/vulnerability/CVE-2024-5768,MIMO Woocommerce Order Tracking Plugin Vulnerable to Data Modification,"The MIMO Woocommerce Order Tracking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mimo_update_provider' function in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update shipping provider information, including adding stored cross-site scripting.",Wordpress,Mimo WooCommerce Order Tracking,6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-06-19T03:12:32.044Z,0