Description
WordPress Plugin Product Addons & Fields for WooCommerce is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently call an AJAX action and set arbitrary settings. WordPress Plugin Product Addons & Fields for WooCommerce version 23.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 24.0 or latest