MEDIUM
ali2woo
CVE published 2026-06-17
CVE-2024-37210
The AliNext plugin, used for AliExpress dropshipping, has a Missing Authorization vulnerability. This issue, tracked as CVE-2024-37210, allows attackers to exploit incorrectly configured access control security levels. The vulnerability has a CVSS score of 6.5 and is classified as MEDIUM severity. It affects AliNext versions from n/a through 3.3.5. Users of this plugin should take immediate action to secu [truncated]