Description
WordPress Plugin WooCommerce is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently leak analytics reports. WordPress Plugin WooCommerce version 5.6.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin versions 4.0.3,4.1.3,4.2.4,4.3.5,4.4.3,4.5.4,4.6.4,4.7.3,4.8.2,4.9.4,5.0.2,5.1.2,5.2.4,5.3.2,5.4.3,5.5.3,5.6.1,5.7.0 or latest
References
Related Vulnerabilities
Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14280)
WordPress Plugin WordPress Backup and Migrate-Backup Guard Cross-Site Request Forgery (1.1.90)
WordPress Plugin Woocommerce CSV importer Unspecified Vulnerability (3.4.0)
Oracle JRE CVE-2013-2472 Vulnerability (CVE-2013-2472)
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210)