Description
WordPress Plugin WooCommerce Multi Currency-Currency Switcher is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change the price of all products. WordPress Plugin WooCommerce Multi Currency-Currency Switcher version 2.1.17 is vulnerable; prior versions are also affected.
Remediation
Update to plugin version 2.1.18 or latest
References
Related Vulnerabilities
Oracle Application Server CVE-2007-5517 Vulnerability (CVE-2007-5517)
WordPress Plugin 2kb Amazon Affiliates Store Cross-Site Scripting (2.1.0)
MySQL CVE-2018-3079 Vulnerability (CVE-2018-3079)
WordPress Plugin PhotoSmash Galleries Arbitrary File Upload (1.0.7)
WordPress Plugin WP Quick FrontEnd Editor Multiple Vulnerabilities (5.5)