Datalogics Ecommerce Delivery
Monthly
Unauthenticated privilege escalation in the Datalogics Ecommerce Delivery WordPress plugin (versions ≤ 2.6.62) allows remote attackers to gain elevated privileges on affected WordPress sites without any credentials or user interaction. The flaw, tracked by Patchstack and assigned a CVSS 9.8, enables full compromise of site integrity and confidentiality; no public exploit identified at time of analysis, but the network-reachable, no-auth nature makes opportunistic exploitation likely once details circulate.
Unauthenticated privilege escalation in the Datalogics Ecommerce Delivery WordPress plugin (versions ≤ 2.6.62) allows remote attackers to gain elevated privileges on affected WordPress sites without any credentials or user interaction. The flaw, tracked by Patchstack and assigned a CVSS 9.8, enables full compromise of site integrity and confidentiality; no public exploit identified at time of analysis, but the network-reachable, no-auth nature makes opportunistic exploitation likely once details circulate.