What the vulnerability does
01Description
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.4.2.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.4.2.
Explanation of Vulnerability in Simple Terms
Wholesale Suite versions up to 2.2.4.2 contain an improper access control vulnerability that allows high-privileged users to read sensitive data, modify site content, or disrupt service. The vulnerability requires administrative or equivalent high-level access to exploit. Site owners should update immediately to a version newer than 2.2.4.2.
What an attacker can do
Read sensitive data, modify content, or disrupt service if they have high-level admin access.
Potential impact on your site
Admins or high-privileged users could abuse their access to read data, alter content, or cause downtime.
Conditions required to exploit
Attacker must have high-level administrative privileges on the site.
Key dates
External resources