Description The plugin does not properly validate authorization in calls to the parseRemoteRequest function allowing unauthenticated visitors with knowledge of an existing WooCommerce Order ID to expose sensitive WooCommerce order information (e.g., Name, Address, Email Address, and other order metadata).