CVE-2022-23061
Shopizer vulnerability CVE-2022-23061 affects Shopizer 2.0–2.17.0. A regular admin can permanently delete a superadmin via an Insecure Direct Object Reference (IDOR) flaw. Root cause: insufficient access control/IDOR exposure in admin actions. Documented as possibly not allowed by the product doc...