Security Advisory

CVE-2024-1807

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-02 09:32:09

Last updated 2026-04-08 17:21:39

Assigner Wordfence

State PUBLISHED

Description

The Product Sort and Display for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the psad_update_product_cat_custom_meta_ajax function in all versions up to, and including, 2.4.1. This makes it possible for unauthenticated attackers to hide product categories.

← Browse all CVEs View on cve.org ↗