The Abandoned Cart Lite plugin for WordPress and WooCommerce is vulnerable to unauthorized access and modification of data. This means that attackers with subscriber-level access or higher can dismiss admin notifications, toggle templates, view abandoned cart details, and preview emails without permission. This vulnerability is present in versions 5.16.1 and earlier.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
