CVE-2022-45066 – WordPress WooSwipe WooCommerce Gallery plugin <= 2.0.1 - Auth. Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2022-45066

17 Nov 2022 — Auth. (subscriber+) Broken Access Control vulnerability in WooSwipe WooCommerce Gallery plugin <= 2.0.1 on WordPress. Vulnerabilidad de control de acceso roto autenticada (con permisos de suscriptores o superiores) en el complemento WooSwipe WooCommerce Gallery de Wordpress en versiones <= 2.0.1. The WooSwipe WooCommerce Gallery plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the update() function called via the admin_menu hook in versions up to, and includ... • https://patchstack.com/database/vulnerability/wooswipe/wordpress-wooswipe-woocommerce-gallery-plugin-2-0-1-auth-broken-access-control-vulnerability?_s_id=cve • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •