2025-02-20 09:21:36
Wordfence
PUBLISHED
The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the update_voucher_price, update_voucher_date, update_voucher_note functions in all versions up to, and including, 4.4.6. This makes it possible for unauthenticated attackers to update the value, expiration date, and user note for any gift voucher.