Syncee Global Dropshipping
Monthly
The Syncee WordPress plugin before 1.0.10 leaks the administrator token that can be used to take over the administrator's account. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Syncee WordPress plugin before 1.0.10 leaks the administrator token that can be used to take over the administrator's account. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.