5 matches found
CVE-2025-6730
The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...
WordPress Bonanza – WooCommerce Free Gifts Lite plugin <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In Success vulnerability
Missing Authorization to Authenticated Subscriber+ Opt In Success vulnerability discovered by Poli in WordPress Plugin Bonanza – WooCommerce Free Gifts Lite versions = 1.0.0...
CVE-2025-6730
The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-6730 Bonanza – WooCommerce Free Gifts Lite <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In Success
The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-6730 Bonanza – WooCommerce Free Gifts Lite <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In Success
The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...