cleantalk
Vulnerabilities and Security Researches

BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net, CVE-2023-4941

CVE, Research URL

CVE-2023-4941

Home page URL

Security reports for BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net

Application

BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net

Published on
Oct 20, 2023
Research Description
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_swap function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products.
Affected versions
max 1.1.4.
Status
vulnerable
Previous vulnerability researches
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net (CVE-2026-1673) , Apr 13, 2026
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net (CVE-2026-1672) , Apr 13, 2026
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net (CVE-2023-4942) , Jun 06, 2024
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net (CVE-2023-4923) , Jun 06, 2024
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net (CVE-2023-4920) , Jun 06, 2024
New vulnerability
CodeColorer (CVE-2026-4032) , Apr 17, 2026
VI: Include Post By (CVE-2026-5717) , Apr 17, 2026
Responsive Accordion Slider (CVE-2026-0635) , Apr 17, 2026
Petje.af (CVE-2026-4002) , Apr 17, 2026
LinkedIn SC (CVE-2026-0812) , Apr 17, 2026