Tag: Ecommerce

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites
News

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites

The WordPress "Abandoned Cart Lite for WooCommerce" plugin, which is used by more than 30,000 websites, has a serious security problem that has been made public. "This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically customers but can extend to other high-level users when the right conditions are met," said Wordfence, a product of Defiant, in an advisory. The vulnerability, identified as CVE-2023-2986, has a CVSS severity rating of 9.8 out of 10. It affects every version of the plugin, including versions 5.14.2 and earlier. The root of the issue is an instance of authentication bypass that results from inadequate encryption measures being used when consumers read more Critical Flaw Found in W...