Description
WordPress Plugin WooCommerce Stock Manager is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change a number of product details including the price, stock status, and the weight of the product. WordPress Plugin WooCommerce Stock Manager version 1.0.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.0.8 or latest
References
Related Vulnerabilities
WordPress Plugin Postman SMTP Mailer/Email Log Cross-Site Scripting (2.0.0)
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-19969)
WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.7)
WordPress Plugin Font-official webfonts plugin of Fonts For Web Cross-Site Scripting (7.5.1)