CVE-2023-4924

Posted on 2023년 10월 20일2023년 10월 20일 by admin

CVE-2023-4924

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to missing capability checks on the woobe_bulkoperations_delete function. This makes it possible for authenticated attackers, with subscriber access or higher, to delete products.

Source: CVE-2023-4924

답글 남기기 응답 취소