CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36512 – WordPress AutomateWoo plugin <= 5.7.5 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-36512
Missing Authorization vulnerability in Woo AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.5. Vulnerabilidad de autorización faltante en Woo AutomateWoo. Este problema afecta a AutomateWoo: desde n/a hasta 5.7.5. The AutomateWoo plugin for WordPress is vulnerable to unauthorized functionality access due to a missing capability check on one of its functions in versions up to, and including, 5.7.5. This makes it possible for unauthenticated attackers to invoke this function intended for users with higher privileges. • https://patchstack.com/database/vulnerability/automatewoo/wordpress-automatewoo-plugin-5-7-5-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •