CVE-2024-38740
WordPress Packlink PRO shipping module plugin <= 3.4.6 - Broken Access Control vulnerabilityMissing Authorization vulnerability in Packlink Shipping S.L. Packlink PRO shipping module allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Packlink PRO shipping module: from n/a through 3.4.6.
We have discovered 291 live websites that are affected by CVE-2024-38740.
Affected Software
| Product |  Packlink Pro Shipping |
| Category | Wordpress Plugins |
| Vulnerable Domains | 291 live websites (100% of Packlink Pro Shipping install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 0 versions ( less than 0.1% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Nov 1, 2024
- Updated - Nov 1, 2024
Credits
- Dhabaleshwar Das (Patchstack Alliance) (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2024-38740 United States | 15 websites |
 Spain | 86 websites |
 Italy | 72 websites |
 France | 52 websites |
 Germany | 36 websites |
 Belgium | 15 websites |
 Cyprus | 6 websites |
 GB | 6 websites |
 Denmark | 2 websites |
 Switzerland | 1 websites |
Website Distribution by TLD
Number of websites using CVE-2024-38740| .com | 166 websites |
| .it | 41 websites |
| .es | 40 websites |
| .fr | 15 websites |
| .de | 5 websites |
| .eu | 5 websites |
| .net | 3 websites |
| .org | 3 websites |
| .co.uk | 2 websites |
Websites affected by CVE-2024-38740
Top websites that are affected by CVE-2024-38740. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *************.com | Spain | ***,*** | |
| ****************.com | Spain | ***,*** | |
| *******.com | Italy | *,***,*** | |
| *********************.com | France | *,***,*** | |
| **********.com | Belgium | *,***,*** | |
| ********.********.com | France | *,***,*** | |
| **************.es | Belgium | *,***,*** | |
| ****************.com | United States | *,***,*** | |
| ****************.com | Germany | *,***,*** | |
| **********.com | France | *,***,*** |
FAQ
CVE-2024-38740 is Missing Authorization in Packlink Pro Shipping
A total of 291 websites have been identified as vulnerable to CVE-2024-38740, based on global website indexing conducted by WebTechSurvey.
The Packlink Pro Shipping is affected by the CVE-2024-38740 vulnerability.
Packlink Pro Shipping versions up to and including 3.4.6 are vulnerable to CVE-2024-38740.