The vulnerability identified as CVE-2024-32814 in the Zorem Advanced Local Pickup for WooCommerce plugin is due to missing authorization controls. This weakness allows unauthorized users to potentially perform actions that require proper permissions, compromising the integrity of the system's operations related to local pickup functionality. The issue affects all versions up to 1.6.1. No official fix or patch has been published yet, and the vulnerability is not known to be exploited in the wild. The CVSS 3.1 base score is 5.3, reflecting a network attack vector with low complexity, no privileges required, and no user interaction needed, but with impact limited to integrity.

The impact of this vulnerability is limited to integrity, where unauthorized users might manipulate or interfere with local pickup settings or processes in the WooCommerce plugin. There is no impact on confidentiality or availability reported. Since no known exploits are active, the immediate risk is moderate but could increase if exploitation techniques emerge.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should monitor the vendor's communications for updates. No vendor-provided mitigation or temporary fix is currently available.