[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fb0Uuyy8ICcxWEMr8tNHSk6mjVGKxJE-zoPBdI1Y9TUk":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-33567","barcode-scanner-with-inventory-order-manager-unauthenticated-privilege-escalation","Barcode Scanner with Inventory & Order Manager \u003C= 1.5.3 - Unauthenticated Privilege Escalation","The Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader. plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.5.3. This is due to the plugin not properly restricting user meta values that can be updated. This makes it possible for unauthenticated attackers to elevate their privileges to an administrator.","barcode-scanner-lite-pos-to-manage-products-inventory-and-orders",null,"\u003C=1.5.3","1.5.4","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Privilege Management","2024-04-25 00:00:00","2024-05-01 15:39:48",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fdffaf909-72f5-466f-8dd0-d46a81402caf?source=api-prod",7]