Arbitrary Comment Deletion Vulnerability in WooCommerce WordPress Plugin
CVE-2022-0775 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment
Learn more about our Wordpress Pen Testing.