Description
WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change the price of any product. WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More version 4.6.00 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.6.20 or latest
References
Related Vulnerabilities
WordPress Plugin Rencontre-Dating Site Security Bypass (1.6.9)
Oracle Database Server CVE-2011-2240 Vulnerability (CVE-2011-2240)
WordPress Plugin Stallion WordPress SEO Cross-Site Scripting (2.0)
WordPress Plugin Participants Database Cross-Site Scripting (1.7.5.9)
WordPress Plugin WP Support Plus Responsive Ticket System Privilege Escalation (7.1.4)