This issue affects AliNext: from n/a through 3.3.5.
Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Update the WordPress Ali2Woo Lite plugin to the latest available version (at least 3.3.7).
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 21 Jun 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Ali2woo
Ali2woo alinext Wordpress Wordpress wordpress |
|
| Vendors & Products |
Ali2woo
Ali2woo alinext Wordpress Wordpress wordpress |
Thu, 18 Jun 2026 04:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 17 Jun 2026 12:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AliNext: from n/a through 3.3.5. | |
| Title | WordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - Broken Access Control vulnerability | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-06-17T15:29:25.937Z
Reserved: 2024-06-04T16:45:55.565Z
Link: CVE-2024-37210
Updated: 2026-06-17T13:30:23.154Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-06-20T23:03:25Z