The Product Catalog Simple plugin for WordPress has a security problem that affects all versions up to and including version 1.7.5. This problem allows someone to do malicious things to a website without being authenticated (logged in). This includes resetting product settings, deleting products, deleting product categories, deleting old filters, and reassigning product data. To do this, a malicious user just needs to trick a website administrator into clicking a link.