Flexible Checkout Fields For Woocommerce – Woocommerce Checkout Manager
Approved changes feed: RSS · Atom
cpe:2.3:a:wpdesk:flexible_checkout_fields_for_woocommerce_–_woocommerce_checkout_manager:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Wpdesk (54fd216e-520f-595d-9e1c-4e7d99dadc3a) |
|---|---|
| Product | Flexible Checkout Fields For Woocommerce – Woocommerce Checkout Manager (ff553b3d-a566-5782-be4c-38693c9e7734) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-36731 |
vulnerable | 2026-06-08 05:25:49.493427 |
Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update
HIGH (7.2)
The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction() function which is called via an admin_init hook, along with missing sanitization and escaping on the settings that are stored.
Published: 2023-06-07T01:51:54.328Z
Updated: 2026-04-08T17:34:52.923Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.