CVE-2024-1562 Information

Description

The WooCommerce Google Sheet Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the execute_post_data function in all versions up to and including 1.3.11. This makes it possible for unauthenticated attackers to update plugin settings.

Reference

https://www.wordfence.com/threat-intel/vulnerabilities/id/e36df7b7-fcbc-4e5d-812c-861bfe8abb55?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3038517%40wc-gsheetconnector&new=3038517%40wc-gsheetconnector&sfp_email=&sfph_mail=