Product

WCFM – Frontend Manager for WooCommerce Along With Bookings Subscription Listings Compatible Plugin <= 6.7.25

1 brief RSS

WordPress WCFM Plugin Vulnerable to IDOR Leading to Account Deletion

The WCFM plugin for WordPress is vulnerable to an Insecure Direct Object Reference (IDOR) that allows authenticated attackers with Vendor-level access or higher to delete arbitrary users, including administrators.

WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin <= 6.7.25 idor wordpress woocommerce account-deletion

2r 1t 1c 2d ago