cleantalk
Vulnerabilities and Security Researches

Product Catalog Mode For WooCommerce, b308b1976fbd8c17995ad5f6339f0f0a06f57ab7

CVE, Research URL

b308b1976fbd8c17995ad5f6339f0f0a06f57ab7

Home page URL

Security reports for Product Catalog Mode For WooCommerce

Application

Product Catalog Mode For WooCommerce

Published on
Nov 03, 2023
Research Description
CatalogX &#8211; Catalog Mode, Enquiry &amp; Quotes for WooCommerce [woocommerce-catalog-enquiry] < 5.0.3 Product Catalog Enquiry <= 5.0.2 - Missing Authorization The Product Catalog Mode For Woocommerce plugin for WordPress is vulnerable to unauthorized access and modification of data due to an improper capability check on the catalog_rest_routes_react_module REST endpoints in all versions up to 5.0.3 (exclusive). This makes it possible for unauthenticated attackers to view data from admin tabs and save enquiries.
Affected versions
max 5.0.3.
Status
vulnerable
Previous vulnerability researches
Payment Gateway for PayFabric (8bbbf1c0e1c721fb1f89da1df32fc1e12d96430d) , Jun 07, 2024
Payment Gateway for PayFabric (CVE-2023-33999) , Jun 13, 2026
Payment Gateway for PayFabric (7561f277f93e22b75aabd0195a11a27ce8a0b791) , Jun 16, 2026
Payment Gateway for PayFabric (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
New vulnerability
Short URL (49c452abea504abdd9ab5237225200824ba8be46) , Jun 16, 2026
Short URL (0a89fedcc5909ba9b39e490c8b4697c5ce4acc52) , Jun 16, 2026
10Web Booster &#8211; Website speed optimization, Cache &amp; Page Speed optimizer (fc200a6e9c12da568e368ba326276d36c052bd46) , Jun 16, 2026
10Web Booster &#8211; Website speed optimization, Cache &amp; Page Speed optimizer (a5844136834f85b2f395ec698651bb0c6473b351) , Jun 16, 2026
10Web Booster &#8211; Website speed optimization, Cache &amp; Page Speed optimizer (182b53a19005ff35d62bd24481e57e153c925f15) , Jun 16, 2026