[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fI1hyCv1liweql4kQAE7-AETOlvSprvtqZSaMvvo0D-w":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-d8a12e1d-f46a-499e-bfd6-185d5b955071-ecwid-shopping-cart","ecwid-ecommerce-shopping-cart-insufficient-access-control-on-multiple-ajax-actions","Ecwid Ecommerce Shopping Cart \u003C= 6.10.22 - Insufficient Access Control on Multiple AJAX Actions","The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Insufficient Access Control on Multiple AJAX Actions in versions up to, and including, 6.10.22. This allows any authenticated user to perform multiple AJAX actions including creating product and category pages as well as changing, publishing, and unpublishing the storefront page.","ecwid-shopping-cart",null,"\u003C=6.10.22","6.10.23","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:L","Improper Authorization","2022-07-09 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd8a12e1d-f46a-499e-bfd6-185d5b955071?source=api-prod",563]