2 matches found
CVE-2023-3126
The CVE-2023-3126 entry concerns the WordPress plugin B2BKing . A missing capability check in the function b2bkingdownloadpricelist (affected versions: up to and including 4.6.00) allows authenticated users with subscriber/customer-level permissions to retrieve the site’s full product pricing lis...
CVE-2023-3125
CVE-2023-3125 affects the B2BKing plugin for WordPress. A missing capability check in the b2bking_save_price_import function in versions up to and including 4.6.00 allows authenticated users with subscriber/customer privileges to modify product pricing (unauthorized data modification). The vulner...