CVE-2022-0775
WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment DeletionThe WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment
We have discovered 428,468 live websites that are affected by CVE-2022-0775.
Contact us to get more info
Affected Software
| |
---|
Product | WooCommerce |
Category | Ecommerce |
Vulnerable Versions | |
Total Vulnerable Versions | 582 |
Vulnerable Domains | 428,468 live websites (33.16% of WooCommerce install base) |
Common Weakness Enumeration
CWE-863 Incorrect Authorization