2 matches found
CVE-2022-36284
CVE-2022-36284 involves the StoreApps Affiliate For WooCommerce premium plugin (
CVE-2022-36284 WordPress Affiliate For WooCommerce premium plugin <= 4.7.0 - Authenticated IDOR vulnerability leading to PayPal email change
Authenticated IDOR vulnerability in StoreApps Affiliate For WooCommerce premium plugin = 4.7.0 at WordPress allows an attacker to change the PayPal email. WooCommerce PayPal Payments plugin free should be at least installed to get the extra input field on the user profile page...