2 matches found
CVE-2022-1057
CVE-2022-1057 affects the WordPress plugin “Pricing Deals for WooCommerce” up to version 2.0.2.02. The vulnerability is an unauthenticated SQL injection caused by improper sanitisation/escaping of a parameter in an AJAX action, allowing arbitrary SQL execution and potential data disclosure or mod...
CVE-2023-41240
CVE-2023-41240 concerns the WordPress plugin Pricing Deals for WooCommerce . Affected versions are up to 2.0.3.2 and the issue is described as Missing Authorization / Broken Access Control . It allows an unauthenticated user to exploit a lack of authorization (e.g., via the vtprd_ajax_clone_rule ...