CVE-2024-44313

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.

More information : https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php