CVE-2022-44633 – WordPress YITH WooCommerce Gift Cards Premium plugin <= 3.23.1 - Unauth. Gift Card Creation Leading to Stored XSS vulnerability

https://notcve.org/view.php?id=CVE-2022-44633

Missing Authorization vulnerability in YITH YITH WooCommerce Gift Cards Premium.This issue affects YITH WooCommerce Gift Cards Premium: from n/a through 3.23.1. Vulnerabilidad de autorización faltante en YITH YITH WooCommerce Gift Cards Premium. Este problema afecta a YITH WooCommerce Gift Cards Premium: desde n/a hasta 3.23.1. The YITH WooCommerce Gift Cards Premium plugin for WordPress is vulnerable to unauthorized gift card creation due to a missing capability check on one of its functions in versions up to, and including, 3.23.1. This makes it possible for unauthenticated attackers to create gift cards. • https://patchstack.com/database/vulnerability/yith-woocommerce-gift-cards-premium/wordpress-yith-woocommerce-gift-cards-premium-plugin-3-23-1-unauth-gift-card-creation-leading-to-stored-xss-vulnerability?_s_id=cve • CWE-862: Missing Authorization •