PT-2022-13436 · WordPress · Woocommerce Shipping Multiple Addresses

Cydave · Published 2022-05-02 · Updated 2025-05-29 · CVE-2022-0783

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Multiple Shipping Address Woocommerce WordPress plugin, versions prior to 2.0

Description: The plugin does not properly sanitize and escape numerous parameters before using them in SQL statements in certain AJAX actions. These actions are available to unauthenticated users, leading to potential unauthenticated SQL injections.

Recommendations: For versions prior to 2.0, update to version 2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the AJAX actions available to unauthenticated users until a patch is applied.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2022-0783

Affected Products: Woocommerce Shipping Multiple Addresses