VYPR

Rearrange Woocommerce Products

by WordPress

CVEs (1)

  • CVE-2021-24928MedFeb 7, 2022
    risk 0.42cvss 6.5epss 0.01

    The Rearrange Woocommerce Products WordPress plugin before 3.0.8 does not have proper access controls in the save_all_order AJAX action, nor validation and escaping when inserting user data in SQL statement, leading to an SQL injection, and allowing any authenticated user, such…