CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5641

The One Click Order Re-Order plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ced_ocor_save_general_setting' function in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change the plugin settings, including adding stored cross-site scripting.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.5%

CVSS Severity

CVSS v3 Score 6.4

References

Products affected by CVE-2024-5641

Cedcommerce » One Click Order Re-Order » Version: N/A

cpe:2.3:a:cedcommerce:one_click_order_re-order:-
Cedcommerce » One Click Order Re-Order » Version: 1.0.0

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.0
Cedcommerce » One Click Order Re-Order » Version: 1.0.1

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.1
Cedcommerce » One Click Order Re-Order » Version: 1.0.10

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.10
Cedcommerce » One Click Order Re-Order » Version: 1.0.2

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.2
Cedcommerce » One Click Order Re-Order » Version: 1.0.3

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.3
Cedcommerce » One Click Order Re-Order » Version: 1.0.4

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.4
Cedcommerce » One Click Order Re-Order » Version: 1.0.5

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.5
Cedcommerce » One Click Order Re-Order » Version: 1.0.6

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.6
Cedcommerce » One Click Order Re-Order » Version: 1.0.7

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.7
Cedcommerce » One Click Order Re-Order » Version: 1.0.8

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.8
Cedcommerce » One Click Order Re-Order » Version: 1.0.9

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.0.9
Cedcommerce » One Click Order Re-Order » Version: 1.1.0

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.0
Cedcommerce » One Click Order Re-Order » Version: 1.1.1

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.1
Cedcommerce » One Click Order Re-Order » Version: 1.1.2

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.2
Cedcommerce » One Click Order Re-Order » Version: 1.1.3

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.3
Cedcommerce » One Click Order Re-Order » Version: 1.1.4

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.4
Cedcommerce » One Click Order Re-Order » Version: 1.1.5

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.5
Cedcommerce » One Click Order Re-Order » Version: 1.1.6

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.6
Cedcommerce » One Click Order Re-Order » Version: 1.1.7

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.7
Cedcommerce » One Click Order Re-Order » Version: 1.1.8

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.8
Cedcommerce » One Click Order Re-Order » Version: 1.1.9

cpe:2.3:a:cedcommerce:one_click_order_re-order:1.1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5641

Products

Pricing

Contact Us