2 matches found
CVE-2023-4941 BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobebulkoperationsswap function. This makes it possible for authenticated attackers subscriber or higher to manipulate products...
CVE-2023-4941
CVE-2023-4941 concerns BEAR – Bulk Editor and Products Manager for WooCommerce (WordPress plugin) up to version 1.1.3.3. The Red Hat/NVD/Wordfence entries describe a Missing Authorization flaw caused by a missing capability check in the woobe_bulkoperations_swap function, enabling authenticated u...