Filtered by vendor Tychesoftwares Subscriptions
Filtered by product Product Input Fields For Woocommerce Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-36696 1 Tychesoftwares 1 Product Input Fields For Woocommerce 2024-12-28 7.5 High
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_downloads() function in versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to download files from the vulnerable service.