Description
WordPress Plugin WooCommerce is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently create accounts via checkout block request. WordPress Plugin WooCommerce version 4.6.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.6.2 or latest
References
Related Vulnerabilities
WordPress Plugin Soundy Audio Playlist Cross-Site Scripting (4.6)
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.18)
WordPress Plugin Google Analytics Opt-Out Cross-Site Scripting (2.3.4)
WordPress Plugin WordPress Email Template Designer-WP HTML Mail HTML Injection (2.9.0.3)
WordPress Plugin FooBox Image Lightbox Cross-Site Scripting (1.0.4)