Wcpos – Point Of Sale (Pos) Plugin For Woocommerce
Approved changes feed: RSS · Atom
cpe:2.3:a:kilbot:wcpos_–_point_of_sale_(pos)_plugin_for_woocommerce:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Kilbot (6ab61852-6e76-5c26-8c2e-f2af3e85f792) |
|---|---|
| Product | Wcpos – Point Of Sale (Pos) Plugin For Woocommerce (c6a2e15e-cee7-53b2-b8b2-d3d36dee39be) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-2384 |
vulnerable | 2026-06-08 06:33:30.980330 |
WooCommerce POS <= 1.4.11 - Insufficient Verification of Data Authenticity to Authenticated (Customer+) Information Disclosure
MEDIUM (4.3)
The WooCommerce POS plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.4.11. This is due to the plugin not properly verifying the authentication and authorization of the current user This makes it possible for authenticated attackers, with customer-level access and above, to view potentially sensitive information about other users by leveraging their order id
Published: 2024-03-20T02:35:41.744Z
Updated: 2026-04-08T17:26:25.925Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.