CVE-2023-30870

MEDIUM

Sharkdropship <2.2.3 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Missing Authorization vulnerability in wooproductimporter Sharkdropship for AliExpress Dropship and Affiliate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sharkdropship for AliExpress Dropship and Affiliate: from n/a through 2.2.3.

Scores

CVSS v3 6.5
EPSS 0.0039
EPSS Percentile 30.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (2)
Marc dooder/Sharkdropship for AliExpress Dropship and Affiliate < 2.2.3
wooproductimporter/Sharkdropship for AliExpress Dropship and Affiliate < 2.2.3
Published Dec 09, 2024
Tracked Since Feb 18, 2026