CVE-2024-32687

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 22, 2024

CWE ID 862

Summary

CVE-2024-32687 represents a critical security vulnerability in WPClever WPC Frequently Bought Together for WooCommerce. This issue involves a missing authorization control, allowing unauthorized users to manipulate product suggestions. Affected versions of the plugin range from none identified through 7.0.3. Successful exploitation could potentially lead to unintended product recommendations and impair the user experience. Organizations utilizing this plugin are encouraged to update to the latest version as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vcVWAr
https://www.cve.org/CVERecord?id=CVE-2024-32687
https://nvd.nist.gov/vuln/detail/CVE-2024-32687

Back to Vulnerability Database

CVE-2024-32687

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations