The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_wp_option' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with subscriber-level capabilities or above, to retrieve arbitrary sensitive site options.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Wordfence
Published: 2023-10-20T07:29:25.653Z
Updated: 2023-10-20T07:29:25.653Z
Reserved: 2023-09-06T13:39:26.051Z
Link: CVE-2023-4796
JSON object: View
NVD Information
Status : Modified
Published: 2023-10-20T08:15:12.540
Modified: 2023-11-07T04:22:59.017
Link: CVE-2023-4796
JSON object: View
Redhat Information
No data.
CWE