Description
WordPress Plugin XforWooCommerce is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently take over the website and its database. WordPress Plugin XforWooCommerce version 1.6.4 is vulnerable; prior versions are also affected.
Remediation
Update to plugin version 1.7.0 or latest
References
Related Vulnerabilities
MySQL CVE-2020-14873 Vulnerability (CVE-2020-14873)
WordPress Plugin 123ContactForm for WordPress Multiple Vulnerabilities (1.5.6)
Moodle Other Vulnerability (CVE-2006-4940)
WordPress Plugin NextScripts:Social Networks Auto-Poster Security Bypass (4.3.17)
WordPress Plugin Sharebar Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1)