CVE ID : CVE-2023-6327
Published : May 14, 2024, 2:33 p.m. | 32 minutes ago
Description : The ShopLentor (formerly WooLentor) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the purchased_new_products function in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to view all products purchased in the past week, along with the users that purchased them.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Full story here:
Published : May 14, 2024, 2:33 p.m. | 32 minutes ago
Description : The ShopLentor (formerly WooLentor) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the purchased_new_products function in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to view all products purchased in the past week, along with the users that purchased them.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Full story here:
![[DK]](/data/avatars/s/57/57999.jpg?1720990206){kind=avatar}
