2 matches found
CVE-2025-3780 WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible <= 6.7.16 - Missing Authorization to Unauthenticated Plugin Settings Modification
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcfmredirecttosetup function in all versions up to, and including, 6.7.16. This makes i...
WordPress WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin <= 6.7.16 - Missing Authorization to Unauthenticated Plugin Settings Modification vulnerability
Missing Authorization to Unauthenticated Plugin Settings Modification vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin WCFM – Frontend Manager for WooCommerce versions = 6.7.16...