6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.5%
Description The plugin does not have authorisation in its eh_callback_handler function, allowing unauthenticated users to update the status of arbitrary WooCommerce orders