cleantalk
Vulnerabilities and Security Researches

Account Manager for WooCommerce, 22c9e9d692c9c42ed198da08221ad28cdfb42ad9

CVE, Research URL

22c9e9d692c9c42ed198da08221ad28cdfb42ad9

Home page URL

Security reports for Account Manager for WooCommerce

Application

Account Manager for WooCommerce

Published on
Oct 13, 2022
Research Description
Account Manager for WooCommerce [account-manager-woocommerce] <= 2.1.1 (unfixed) WordPress Account Manager for WooCommerce plugin <= 2.0.19 - Broken Access Control vulnerability Broken Access Control vulnerability leading to the export of sensitive information (user id, first name, last name) by the subscriber or higher role user discovered by WordPress Account Manager for WooCommerce plugin (versions <= 2.0.19). No patched version is available. No reply from the vendor.
Affected versions
max 2.1.1.
Status
vulnerable
Previous vulnerability researches
Account Manager for WooCommerce (22c9e9d692c9c42ed198da08221ad28cdfb42ad9) , Jun 07, 2024
Account Manager for WooCommerce (CVE-2022-41656) , Jun 10, 2024
New vulnerability
Security & Malware scan by CleanTalk , Apr 03, 2026
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX &#8211; Best FOMO, Social Proof, WooCommerce Sales Popup &amp; Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System &#8211; Booking Calendar (CVE-2025-68515) , Mar 31, 2026