2 matches found
CVE-2023-2555 WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Custom Drop-Down Currency Switcher Creation
The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the create function in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2023-2555
CVE-2023-2555 affects the WPCS – WordPress Currency Switcher Professional plugin for WordPress. The issue arises from a missing capability check on the create function in versions up to and including 1.1.9, enabling authenticated attackers with subscriber-level permissions and above to create a c...