Vulnerabilities (CVE)

Filtered by vendor Multidots Subscribe
Filtered by product Woocommerce Category Banner Management
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-11579 1 Multidots 1 Woocommerce Category Banner Management 2024-02-04 5.0 MEDIUM 5.3 MEDIUM
class-woo-banner-management.php in the MULTIDOTS WooCommerce Category Banner Management plugin 1.1.0 for WordPress has an Unauthenticated Settings Change Vulnerability, related to certain wp_ajax_nopriv_ usage. Anyone can change the plugin's setting by simply sending a request with a wbm_save_shop_page_banner_data action.