CVE-2022-46796

Name of the Vulnerable Software and Affected Versions VillaTheme CURCY versions 2.1.25 and earlier

Description The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. This enables unauthenticated settings changes, potentially leading to exploitation. The vulnerability affects the Woo Multi Currency plugin for WordPress.

Recommendations Update to the latest version to secure your site, as the latest version contains a fix for this issue. As a temporary workaround, consider restricting access to the vulnerable plugin until a patch is available.