cleantalk
Vulnerabilities and Security Researches

DN Shipping by Weight for WooCommerce, CVE-2024-11842

CVE, Research URL

CVE-2024-11842

Home page URL

Security reports for DN Shipping by Weight for WooCommerce

Application

DN Shipping by Weight for WooCommerce

Published on
Dec 27, 2024
Research Description
The DN Shipping by Weight for WooCommerce WordPress plugin before 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Affected versions
max 1.2.
Status
vulnerable
Previous vulnerability researches
DN Shipping by Weight for WooCommerce (CVE-2024-11842) , Dec 12, 2024
DN Shipping by Weight for WooCommerce (CVE-2025-32535) , Apr 17, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs – Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025