CVE-2023-4941

Posted on 2023년 10월 20일2023년 10월 20일 by admin

CVE-2023-4941

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_swap function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products.

Source: CVE-2023-4941

답글 남기기 응답 취소