cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11423,https://securityvulnerability.io/vulnerability/CVE-2024-11423,Unauthorized Data Modification in WooCommerce Gift Card Plugin by WordPress,"The Ultimate Gift Cards for WooCommerce plugin facilitates the creation and management of digital gift cards for e-commerce sites. However, a security flaw exists due to the absence of proper capability checks on multiple REST API endpoints (such as /wp-json/gifting/recharge-giftcard). This vulnerability enables attackers without authentication to alter gift card balances, recharge gift cards without payment, and unlawfully reduce gift card values, posing significant risks to both merchants and customers.",Wordpress,"Gift Cards For WooCommerce Pro,Ultimate Gift Cards For WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem & Manage Digital Gift Coupons. Offer Gift Certificates, Schedule Gift Cards, And Use Advance Coupons With Personalized Templates",7.5,HIGH,0.000539999979082495,false,,false,false,true,true,false,false,2025-01-08T11:09:24.799Z,0