1 results (0.001 seconds)
CVSS: 5.4EPSS: %CPEs: 1EXPL: 0
CVSS: 5.4EPSS: %CPEs: 1EXPL: 0CVE-2023-37989 – Easyship WooCommerce Shipping Rates <= 0.8.9 - Missing Authorization via multiple AJAX actions
https://notcve.org/view.php?id=CVE-2023-37989
The Easyship WooCommerce Shipping Rates plugin for WordPress is vulnerable to unauthorized modification and deletion of data due to missing capability checks on multiple AJAX functions in versions up to, and including, 0.8.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to register for and deactivate EasyShip functionality. • CWE-862: Missing Authorization •