CVE-2024-1562

Name of the Vulnerable Software and Affected Versions WooCommerce Google Sheet Connector plugin for WordPress versions up to, and including, 1.3.11

Description The issue allows unauthorized modification of data due to a missing capability check on the execute post data function. This makes it possible for unauthenticated attackers to update plugin settings.

Recommendations For versions up to, and including, 1.3.11, update to a version higher than 1.3.11 to resolve the issue. As a temporary workaround, consider disabling the execute post data function until a patch is available.