Vulnerabilities > Automattic > Woocommerce Payments > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-04-12 CVE-2023-28121 Improper Authentication vulnerability in Automattic Woocommerce Payments and Woopayments
An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator.
network
low complexity
automattic CWE-287
critical
9.8