WordPress.Abandoned.Cart.Lite.Plugin.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability in WordPress Abandoned Cart Lite for WooCommerce Plugin.
The vulnerability is caused by a static encryption value used when authenticating a user with a currently abandoned cart. An unauthenticated attacker can exploit this through a crafted request to gain the privileges of any user, including administrators.
Affected Products
WordPress Abandoned Cart Lite for WooCommerce Plugin 5.14.2 and earlier versions
Impact
Security Bypass: Remote attackers can bypass security features of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://en-ca.wordpress.org/plugins/woocommerce-abandoned-cart/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |