Woocommerce Multiple Customer Addresses \& Shipping Project CVE

Filtered by vendor Woocommerce Multiple Customer Addresses \& Shipping Project Subscribe

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-0865	1 Woocommerce Multiple Customer Addresses \& Shipping Project	1 Woocommerce Multiple Customer Addresses \& Shipping	2024-02-04	N/A	8.8 HIGH
The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin before 21.7 does not ensure that the address to add/update/retrieve/delete and duplicate belong to the user making the request, or is from a high privilege users, allowing any authenticated users, such as subscriber to add/update/duplicate/delete as well as retrieve addresses of other users.

Vulnerabilities (CVE)