Filtered by vendor Tychesoftwares
Subscribe
Filtered by product Abandoned Cart Lite For Woocommerce
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-2986 | 1 Tychesoftwares | 1 Abandoned Cart Lite For Woocommerce | 2023-06-19 | N/A | 9.8 CRITICAL |
| The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated attackers to log in as users who have abandoned the cart, which users are typically customers. | |||||