cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-36731,https://securityvulnerability.io/vulnerability/CVE-2020-36731,Unauthenticated Arbitrary Plugin Settings Update in Flexible Checkout Fields for WooCommerce,"The Flexible Checkout Fields for WooCommerce plugin is exposed to significant security risks due to the lack of necessary authorization checks. Specifically, vulnerability arises in the updateSettingsAction() function triggered via the admin_init hook, allowing unauthorized users to modify plugin settings. Additionally, missing sanitization and escaping processes for stored settings can lead to Stored Cross-Site Scripting attacks. These issues make installations of the plugin vulnerable to misuse and data compromise.",Wordpress,Flexible Checkout Fields For WooCommerce – WooCommerce Checkout Manager,7.2,HIGH,0.001180000021122396,false,,false,false,false,,false,false,2023-06-07T01:51:54.328Z,0