2 matches found
CVE-2022-0775
The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment...
CVE-2022-0775
The CVE-2022-0775 issue affects the WooCommerce WordPress plugin prior to 6.2.1. The vulnerability stems from missing authorization checks when deleting reviews, enabling any authenticated user (e.g., a subscriber) to delete arbitrary comments. This is an explicit authorization flaw rather than a...