Description
WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change the price of any product. WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More version 4.6.00 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.6.20 or latest
References
Related Vulnerabilities
MySQL CVE-2022-39403 Vulnerability (CVE-2022-39403)
WordPress Plugin Custom Search by BestWebSoft Unspecified Vulnerability (1.21)
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.11.19)
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.12)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3390)