Description
WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change the price of any product. WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More version 4.6.00 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.6.20 or latest
References
Related Vulnerabilities
WordPress Plugin Monsters Editor for WP Super Edit Arbitrary File Upload (1.1)
WordPress Plugin WP Subtitle Unspecified Vulnerability (2.5)
OpenSSL Cryptographic Issues Vulnerability (CVE-2013-6449)
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.4)
WordPress Plugin Controlled Admin Access Security Bypass (1.5.5)