Authenticated IDOR vulnerability leading to PayPal email change discovered by Vlad Vector (Patchstack) in WordPress Affiliate For WooCommerce premium plugin (versions <= 4.7.0).
Update the WordPress Affiliate For WooCommerce plugin to the latest available version (at least 4.8.0).
CPE | Name | Operator | Version |
---|---|---|---|
affiliate for woocommerce | le | 4.7.0 |