Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-3780 MEDIUM This Month

The WCFM - Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcfm_redirect_to_setup function in all versions up to, and including, 6.7.16. This makes it possible for unauthenticated attackers to view and modify the plugin settings, including payment details and API keys

WordPress Authentication Bypass Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible PHP
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-3780
EPSS 0% CVSS 6.5
MEDIUM This Month

The WCFM - Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcfm_redirect_to_setup function in all versions up to, and including, 6.7.16. This makes it possible for unauthenticated attackers to view and modify the plugin settings, including payment details and API keys

WordPress Authentication Bypass Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy