One Click Order Re Order

one_click_order_re-order

Vendor: Cedcommerce • 1 CVE

CVEs (1)

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-5641

1Cedcommerce

1One Click Order Re Order

Apr 8, 2026

Jul 4, 2024

N/A· v4

5.4 MEDIUM· v3

N/A· v2

The One Click Order Re-Order plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ced_ocor_save_general_setting' function in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change the plugin settings, including adding stored cross-site scripting.Show less