Description The Local Delivery Drivers for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the ‘lddfw_edit_driver_service’ function in all versions up to, and including, 1.9.0. This makes it possible for unauthenticated attackers to take over driver accounts.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 1.9.1 |