Woocommerce Checkout Manager
Monthly
The WooCommerce Checkout Manager plugin before 4.3 for WordPress allows media deletion via the wp-admin/admin-ajax.php?action=update_attachment_wccm wccm_default_keys_load parameter because of a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The WooCommerce Checkout Manager plugin before 4.3 for WordPress allows media deletion via the wp-admin/admin-ajax.php?action=update_attachment_wccm wccm_default_keys_load parameter because of a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.