Upsell Order Bump Offer For Woocommerce
Monthly
Broken authentication in the Upsell Order Bump Offer for WooCommerce plugin (versions 3.1.4 and earlier) allows remote unauthenticated attackers to manipulate offer/price integrity on affected WordPress storefronts. Patchstack classifies the issue as a price manipulation vulnerability with high integrity impact, and no public exploit identified at time of analysis. The defect is reachable over the network without authentication or user interaction, making any WooCommerce store running the plugin a direct target.
Broken authentication in the Upsell Order Bump Offer for WooCommerce plugin (versions 3.1.4 and earlier) allows remote unauthenticated attackers to manipulate offer/price integrity on affected WordPress storefronts. Patchstack classifies the issue as a price manipulation vulnerability with high integrity impact, and no public exploit identified at time of analysis. The defect is reachable over the network without authentication or user interaction, making any WooCommerce store running the plugin a direct target.