Tipsacarrier Project - Tipsacarrier CVE

Filtered by vendor Tipsacarrier Project Subscribe

Filtered by product Tipsacarrier

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-25002	1 Tipsacarrier Project	1 Tipsacarrier	2022-05-10	5.0 MEDIUM	7.5 HIGH
The Tipsacarrier WordPress plugin through 1.4.4.2 does not have any authorisation check in place some functions, which could allow unauthenticated users to access Orders data which could be used to retrieve the client full address, name and phone via tracking URL

Vulnerabilities (CVE)