CVE-2023-36506
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2023-36506 is a newly disclosed vulnerability affecting the YITH WooCommerce Waiting List plugin. This missing authorization issue enables unauthorized access to functionality, allowing attackers to exploit incorrectly configured access control security levels. Affecting versions from n/a to 2.13.0, this vulnerability poses a significant risk to WordPress websites using the YITH WooCommerce Waiting List plugin. Successful exploitation could result in unintended modifications or unauthorized actions. Users are urged to update to the latest plugin version or contact their WordPress security provider to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.