3 matches found
CVE-2023-4924
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to missing capability checks on the woobebulkoperationsdelete function. This makes it possible for authenticated attackers, with subscriber access or higher, to delete products...
CVE-2023-4924
CVE-2023-4924 affects BEAR – Bulk Editor and Products Manager Pro for WooCommerce (Pluginus.Net). Versions up to 1.1.3.3 are vulnerable due to missing capability checks in woobe_bulkoperations_delete, enabling authenticated users with subscriber access or higher to delete products. Red Hat/NVD/Wo...
CVE-2023-4924 BEAR <= 1.1.3.3 - Missing Authorization to Product Deletion
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to missing capability checks on the woobebulkoperationsdelete function. This makes it possible for authenticated attackers, with subscriber access or higher, to delete products...