2 matches found
WordPress Customer Reviews for WooCommerce plugin <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Coupon Search vulnerability
Missing Authorization to Authenticated Subscriber+ Coupon Search vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Customer Reviews for WooCommerce versions = 5.46.0...
PT-2024-28134 · WordPress · Customer Reviews For Woocommerce
Name of the Vulnerable Software and Affected Versions: Customer Reviews for WooCommerce plugin for WordPress affected versions not specified Description: The issue allows unauthorized access to data due to a missing capability check on the woocommerce json search coupons function. This enables...