Vulnerabilities > Najeebmedia > Ppom FOR Woocommerce > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-14	CVE-2021-25018	Missing Authorization vulnerability in Najeebmedia Ppom for Woocommerce The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrary settings. network najeebmedia CWE-862	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.