Missing Authorization vulnerability in Pricing Deals for WooCommerce
CVE-2023-41240
5.3MEDIUM
What is CVE-2023-41240?
A missing authorization vulnerability exists in the Vark Pricing Deals for WooCommerce plugin. This issue allows attackers to potentially exploit unauthorized access, affecting versions from n/a to 2.0.3.2. Without proper access controls in place, attackers could manipulate pricing deals, leading to unauthorized modifications or data exposure, which could compromise the integrity of WooCommerce transactions. It is vital for users running affected versions to implement necessary security measures and update to the latest versions to ensure protection against potential exploitation.
Affected Version(s)
Pricing Deals for WooCommerce <= 2.0.3.2