First published: Fri Nov 01 2024(Updated: )
Missing Authorization vulnerability in PickPlugins Product Designer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Product Designer: from n/a through 1.0.33.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
PickPlugins Product Designer | <=1.0.33 | |
WordPress Product Designer | <=1.0.33 |
Update to 1.0.34 or a higher version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-38726 is considered a critical vulnerability due to its potential to allow unauthorized access to restricted functionalities.
To fix CVE-2024-38726, upgrade the PickPlugins Product Designer to version 1.0.34 or later.
CVE-2024-38726 affects users of PickPlugins Product Designer versions up to and including 1.0.33.
CVE-2024-38726 is a missing authorization vulnerability that allows access to functionality not properly constrained by access control lists (ACLs).
If exploited, CVE-2024-38726 could lead to unauthorized actions which may compromise sensitive functions of the application.