Log out
Get PRO

Latest

Access violation vulnerability in Order Delivery Date for WP e-Commerce 12.3.1

  • Severity: critical
  • Status: Fixed
  • Publication: April 4, 2025

The Order Delivery Date plugin for WordPress may have a security issue that could allow unauthorized changes to be made to important data. This could potentially lead to someone gaining more privileges than they should have. This problem affects versions 2.0 to 12.3.1 (excluding version 12.3.1) of the plugin. This could allow attackers without an account to change certain settings on a WordPress site. They could use this to make themselves an administrator and gain control over the site. Please keep in mind that this only affects the paid version of the plugin.

Detected in:

Order Delivery Date for WP e-Commerce fixed vulnerable versions: >= 2.0 < 12.3.1
Order Delivery Date Pro for WooCommerce fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.