Eniture Technology Distance Based Shipping Calculator Missing Authorization Vulnerability
Vulnerability
A missing authorization vulnerability exists in the Eniture Technology Distance Based Shipping Calculator plugin for WordPress, specifically in versions through 2.0.22. This vulnerability allows for exploitation of improperly configured access control security levels, potentially leading to unauthorized changes in settings.
Impact
Exploitation of this vulnerability could result in unauthorized changes to plugin settings, allowing attackers to manipulate shipping calculations or other related configurations.
Remediation
Users of the Eniture Technology Distance Based Shipping Calculator plugin should update to version 2.0.23 or later to address this vulnerability. Patchstack users can enable auto-update for vulnerable plugins.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.