2 matches found
CVE-2016-11010
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpitwocheckout payer metadata updates...
CVE-2016-11010
The CVE-2016-11010 entry concerns the WordPress WP-Invoice plugin, affected in versions before 4.1.1. The root cause is incorrect access control over wpi_twocheckout payer metadata updates, enabling potential unauthorized updates to payer data. Public documentation in the provided sources confirm...