Description

WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin WCFM Membership-WooCommerce Memberships for Multivendor Marketplace version 2.10.0 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.10.1 or latest

References

Related Vulnerabilities