[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPArQ7tCGmHs26dSUkXOWZrXffvg8dvhIR_0XrTaY6sU":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-5681101f-13c3-4fde-bbde-554810bcbe4e-advanced-dynamic-pricing-for-woocommerce","advanced-dynamic-pricing-for-woocommerce-missing-authorization","Advanced Dynamic Pricing for WooCommerce \u003C= 4.1.5 - Missing Authorization","The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing access control on the exportCSVBulkRangesAjaxCB() function, in addition to several other functions, in versions up to, and including, 4.1.5. This makes it possible for authenticated attackers with minimal permissions such as a subscriber to export pricing ranges among other actions.","advanced-dynamic-pricing-for-woocommerce",null,"\u003C=4.1.5","4.1.6","medium",6.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:L","Missing Authorization","2022-10-25 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5681101f-13c3-4fde-bbde-554810bcbe4e?source=api-prod",455]