Storecustomizer
Monthly
Kaira StoreCustomizer woocustomizer versions 2.6.3 and earlier contain a missing authorization flaw that allows authenticated users to modify store customization settings they should not have access to. An attacker with low-level user privileges can exploit this misconfigured access control to make unauthorized changes to the store's appearance and configuration. No patch is currently available for this vulnerability.
Kaira StoreCustomizer woocustomizer versions 2.6.3 and earlier contain a missing authorization flaw that allows authenticated users to modify store customization settings they should not have access to. An attacker with low-level user privileges can exploit this misconfigured access control to make unauthorized changes to the store's appearance and configuration. No patch is currently available for this vulnerability.