Access violation vulnerability in BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 1.1.3.3

The BEAR WordPress plugin is vulnerable to an issue called Missing Authorization. This means any user with an account (even a basic one) can make changes to the products. This issue affects versions of BEAR up to and including 1.1.3.3. The reason this happens is because the woobe_bulkoperations_visibility function does not have a security feature to check who is allowed to make changes.

Detected in:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Is this information incorrect? Please leave us a message.