Bear - Woocommerce Bulk Editor And Products Manager Professional Security Vulnerabilities and Issues — Bear - Woocommerce Bulk Editor And Products Manager Professional CVE List

Lucene search

PluginusBear - Woocommerce Bulk Editor And Products Manager Professional

7 matches found

CVE•added 2023/10/20 8:15 a.m.•41 views

CVE-2023-4941

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_swap function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products.

4.3CVSS4.3AI score0.00103EPSS

CVE•added 2023/10/18 8:15 a.m.•40 views

CVE-2023-4938

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_apply_default_combination function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate ...

4.3CVSS4.3AI score0.00073EPSS

CVE•added 2023/10/20 7:15 a.m.•34 views

CVE-2023-4942

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the woobe_bulkoperations_visibility function. This makes it possible for unauthenticated attackers to manipulate products via a forge...

4.3CVSS4.4AI score0.00097EPSS

CVE•added 2023/10/20 7:15 a.m.•32 views

CVE-2023-4935

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the create_profile function. This makes it possible for unauthenticated attackers to create profiles via a forged request granted the...

4.3CVSS4.5AI score0.00071EPSS

CVE•added 2023/10/20 7:15 a.m.•30 views

CVE-2023-4943

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_visibility function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products.

4.3CVSS4.3AI score0.00103EPSS

CVE•added 2023/10/20 7:15 a.m.•27 views

CVE-2023-4937

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the woobe_bulkoperations_apply_default_combination function. This makes it possible for unauthenticated attackers to manipulate produ...

4.3CVSS4.4AI score0.00071EPSS

CVE•added 2023/10/20 7:15 a.m.•27 views

CVE-2023-4940

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the woobe_bulkoperations_swap function. This makes it possible for unauthenticated attackers to manipulate products via a forged requ...

4.3CVSS4.4AI score0.00071EPSS