[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f52VifWKGoLxvGC3X6AL60Z45zxLNBlDFomeN_L9W4m0":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-51546","woocommerce-pdf-invoices-authenticatedshop-manager-arbitrary-options-update-via-json-import","WooCommerce PDF Invoices \u003C= 4.2.1 - Authenticated(Shop Manager+) Arbitrary Options Update via JSON Import","The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to arbitrary options updates via the JSON import functionality in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with Shop Manager access and above, to update arbitrary site options.","print-invoices-packing-slip-labels-for-woocommerce",null,"\u003C=4.2.1","4.3.0","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Input Validation","2023-12-27 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7927edf2-b092-4b56-83aa-038f99ea658e?source=api-prod",27]