2024-07-04 12:52:15
INCIBE
PUBLISHED
Information exposure vulnerability in the MRW plugin, in its 5.4.3 version, affecting the "mrw_log" functionality. This vulnerability could allow a remote attacker to obtain other customers order information and access sensitive information such as name and phone number. This vulnerability also allows an attacker to create or overwrite shipping labels.