5 matches found
CVE-2023-27607
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.This issue affects Points and Rewards for WooCommerce: from n/a through 1.5.0...
CVE-2023-27607 WordPress Points and Rewards for WooCommerce plugin <= 1.5.0 - Settings Change vulnerability
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.This issue affects Points and Rewards for WooCommerce: from n/a through 1.5.0...
CVE-2023-27607
The CVE-2023-27607 issue affects the WordPress plugin Points and Rewards for WooCommerce (versions up to and including 1.5.0). The root cause is Missing Authorization checks, allowing unauthorized users to change settings. Impact is a Low-severity exposure (CVSS 5.4) involving settings changes. M...
CVE-2023-27607 WordPress Points and Rewards for WooCommerce plugin <= 1.5.0 - Settings Change vulnerability
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.This issue affects Points and Rewards for WooCommerce: from n/a through 1.5.0...
WordPress Points and Rewards for WooCommerce Plugin <= 1.5.0 is vulnerable to Settings Change
Software Points and Rewards for WooCommerce Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.6.0 OWASP Top 10 A2: Broken Authentication Classification Settings Change CVE CVE-2023-27607 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 30461bd57ddb Credits Dave Jong...