Description
WordPress Plugin Improved Product Options for WooCommerce is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently take over the website and its database. WordPress Plugin Improved Product Options for WooCommerce version 5.2.0 is vulnerable; prior versions are also affected.
Remediation
Update to plugin version 5.3.0 or latest
References
https://blog.nintechnet.com/16-woocommerce-product-add-ons-plugins-fixed-vulnerabilities/
https://xforwoocommerce.com/blog/change-log/xforwoocommerce-1-7-0/
Related Vulnerabilities
WordPress Plugin WooCommerce Catalog Enquiry Arbitrary File Upload (3.0.0)
WordPress Plugin Better WordPress Minify Arbitrary File Disclosure (1.2.2)
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476)
WordPress Plugin WP Email Template HTML Injection (2.2.10)
WordPress Plugin Easy Twitter Feed Cross-Site Scripting (1.1)