The CartFlows plugin for WordPress, used for creating sales funnels, has a vulnerability in versions up to and including 1.11.11. This vulnerability would allow an authenticated user with access to cart flow management, such as an administrator or other user types, to modify or delete any post without verifying the post id. This means that attackers with the right access can potentially delete important data.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)
