Vulnerabilities and security researches forwishlist-and-compare wishlist-and-compare

Jun 07, 2024

CVE, Research URL: d16ff76f2758ae5cd2524881fb65080698c295c3
Home page URL: Security reports for Wishlist and Compare for WooCommerce
Application: Wishlist and Compare for WooCommerce
Date: May 08, 2021
Research Description: Wishlist and Compare for WooCommerce [wishlist-and-compare] < 1.0.5 Wishlist and Compare for WooCommerce <= 1.0.4 - Authorization Bypass The Wishlist and Compare for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to edit plugin settings.
Affected versions: Min -, max -.
Status: vulnerable