The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is not secure in versions up to and including 2.4.1. This means that anyone, even someone without a user account or access to the website, can access and export the settings of the plugin. This is because the export() function is missing authorization, making it vulnerable.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
