BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net, CVE-2023-4943

CVE, Research URL: CVE-2023-4943
Home page URL: Security reports for BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
Application: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
Published on: Oct 20, 2023
Research Description: The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_visibility function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products.
Affected versions: max 1.1.4.
Status: vulnerable

BEAR &#8211; Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net, CVE-2023-4943