Medium severity6.3NVD Advisory· Published Sep 25, 2024· Updated Apr 8, 2026

CVE-2024-6590

Description

The Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 3.8.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to edit post status, edit Google sheet integrations, and create Google sheet integrations.

Affected products

Javmah/Spreadsheet Integration
cpe:2.3:a:javmah:spreadsheet_integration:*:*:*:*:*:wordpress:*:*
Range: <=3.7.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.wordfence.com/threat-intel/vulnerabilities/id/d35ff2cc-9af2-4b72-bc49-e205275daa4dnvdThird Party Advisory
plugins.trac.wordpress.org/browser/wpgsi/trunk/admin/class-wpgsi-admin.phpnvdProduct
plugins.trac.wordpress.org/browser/wpgsi/trunk/admin/class-wpgsi-admin.phpnvdProduct
plugins.trac.wordpress.org/browser/wpgsi/trunk/admin/class-wpgsi-admin.phpnvdProduct
plugins.trac.wordpress.org/browser/wpgsi/trunk/admin/class-wpgsi-admin.phpnvdProduct

News mentions

No linked articles in our index yet.

cvss	0.410
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000