The Amazon Products to WooCommerce plugin for WordPress has a vulnerability called Server-Side Request Forgery. This means that anyone can make requests to any website from the plugin, even if they are not logged in. This could allow attackers to access and change information from internal services.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
