WPCargo Track & Trace Missing Authorization Vulnerability Allowing Insecure Direct Object References

Vulnerability

A missing authorization vulnerability has been identified in the WPCargo Track & Trace WordPress plugin, affecting versions through 8.0.1. This vulnerability allows exploitation of incorrectly configured access control security levels, leading to insecure direct object references (IDOR).

Impact

Exploitation of this vulnerability could bypass authorization, allowing access to sensitive files or database interactions.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WPCargo Track & Trace Missing Authorization Vulnerability Allowing Insecure Direct Object References

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating