Exploit for SQL Injection in Vanquish Woocommerce_Customers_Manager

CVE-2024-0399 - WooCommerce Customers Manager 29.4 - Post-Auth...

Upgraded Q -> M from 270 [1657580410834]

Judge has assessed an item in Issue 270 as Medium risk. The relevant finding follows: 6.L- Admin config ProtocolFee and gasFee missing max amount check which can be used to take fund from user With PROTOCOLFEEBPS 10000 more than 100%, the exchange can steal user WETH who might approve max WETH...