CVE-2022-4872
CVE-2022-4872 affects the WooCommerce Chained Products plugin for WordPress, specifically versions before 2.12.0. The root cause is missing authorization and CSRF checks, plus failure to ensure the updated option belongs to the plugin, enabling an unauthenticated attacker to update arbitrary opti...