ActiveCampaign for WooCommerce, CVE-2022-3923
- CVE, Research URL
- Home page URL
- Application
- Published on
- Jan 10, 2023
- Research Description
- The ActiveCampaign for WooCommerce WordPress plugin before 1.9.8 does not have authorisation check when cleaning up its error logs via an AJAX action, which could allow any authenticated users, such as subscriber to call it and remove error logs.
- Affected versions
-
Min -, max 1.9.8.
- Status
-
vulnerable
Previous vulnerability researches |
---|
ActiveCampaign for WooCommerce (CVE-2022-3923) , Jun 07, 2024 |
ActiveCampaign for WooCommerce (713e8176a911ed97d097df89d6b2a137b7aa90eb) , Jun 07, 2024 |