The Live sales notification plugin for WordPress, used with WooCommerce, has a security issue in versions up to 2.3.39. This is because the “getOrders” function doesn’t have enough security checks when showing recent orders. This could allow hackers to access private customer information, such as first names, location, and details about their purchases.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
