3 matches found
WordPress WooCommerce Multiple Customer Addresses & Shipping plugin < 24.9 - Vulnerable ACF Pro plugin Embed vulnerability
Vulnerable ACF Pro plugin Embed vulnerability discovered by ? in WordPress Plugin WooCommerce Multiple Customer Addresses & Shipping versions 24.9...
WordPress WooCommerce Multiple Customer Addresses & Shipping Plugin < 21.7 is vulnerable to Insecure Direct Object References (IDOR)
Software WooCommerce Multiple Customer Addresses & Shipping Type Plugin Vulnerable versions 21.7 Fixed in 21.7 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-0865 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID...
Cross site request forgery (csrf)
The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin before 21.7 does not ensure that the address to add/update/retrieve/delete and duplicate belong to the user making the request, or is from a high privilege users, allowing any authenticated users, such as subscriber to...