2 matches found
PT-2023-22960 · WordPress · Mstore Api
The MStore API WordPress plugin, specifically versions before 3.9.9, is affected by a security issue that allows visitors to create user accounts with a role of their choice via the wholesale REST API endpoint. This issue is only exploitable if the site owner has paid to access the plugin's pro...
Improper access control
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.52, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authenticated user to create a privileged account due to improper access controls. IBM X-Force ID: 188896...