CVE-2024-43134 – Waitlist Woocommerce ( Back in stock notifier ) <= 2.6 - Missing Authorization

https://notcve.org/view.php?id=CVE-2024-43134

The Waitlist Woocommerce ( Back in stock notifier ) plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the send_email() and remove_row() function in versions up to, and including, 2.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to send emails and remove product rows. • CWE-862: Missing Authorization •