Arbitrary Comment Deletion Vulnerability in WooCommerce WordPress Plugin

Arbitrary Comment Deletion Vulnerability in WooCommerce WordPress Plugin

CVE-2022-0775 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment

Learn more about our Wordpress Pen Testing.