CVE-2020-36841
The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the woocommercecouponadmininit function in versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to send themselves gift certificates ...