WooCommerce Stock Manager <= 1.0.7 - CSRF and Lack of Authorisation



Description
Missing CSRF and Authorisation checks in the stock_manager_save_one_product_stock_data() method registered as an AJAX call.

Affects Plugin

fixed in version 1.0.9

References

URL https://plugins.trac.wordpress.org/changeset?reponame=&new=1460574%40woocommerce-stock-manager&old=1430301%40woocommerce-stock-manager

Classification

Type MULTI

Miscellaneous

Views 2802
Verified No
WPVDB ID 9414

Timeline

Publicly Published 2016-07-26 (over 3 years ago)
Added 2019-07-01 (5 months ago)
Last Updated 2019-07-01 (5 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin