Description
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently delete arbitrary payments. WordPress Plugin WP-Recall-Registration, Profile, Commerce & More version 16.26.6 is vulnerable; prior versions may also be affected.
Remediation
Disable and remove the plugin until a fix is available
References
Related Vulnerabilities
Atlassian Confluence CVE-2023-22515 Vulnerability (CVE-2023-22515)
WordPress Plugin Video Gallery-Vimeo and YouTube Gallery Cross-Site Scripting (1.1.4)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169)
WordPress Plugin WP-Matomo (WP-Piwik) Cross-Site Scripting (1.0.4)
WordPress Plugin Members Import Cross-Site Request Forgery (1.3)