Security Advisory

CVE-2024-3869

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-16 12:51:46

Last updated 2026-04-08 17:05:14

Assigner Wordfence

State PUBLISHED

Description

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the woocommerce_json_search_coupons function . This makes it possible for attackers with subscriber level access to view coupon codes.

← Browse all CVEs View on cve.org ↗