Sunday, December 27, 2020
CVE-2020-29156
nist.gov
In: nist.gov
The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action. CVE-2020-29156