CVE-2022-0775 Information

Description

The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews which could allow any authenticated users such as subscriber to delete arbitrary comment

Reference

https://wpscan.com/vulnerability/b76dbf37-a0a2-48cf-bd85-3ebbc2f394dd/ https://plugins.trac.wordpress.org/changeset/2683324 https://developer.woocommerce.com/2022/02/22/woocommerce-6-2-1-security-fix/