Shiptimize for WooCommerce Missing Authorization Vulnerability Allowing Settings Changes

A missing authorization vulnerability exists in the Shiptimize for WooCommerce plugin, specifically in versions through 3.1.86. This vulnerability allows for exploitation of improperly configured access control, enabling unauthorized changes to settings.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in WooCommerce settings, potentially allowing attackers to manipulate order processing, shipping options, or other critical eCommerce functionalities.

Remediation

Users are advised to remove and replace the Shiptimize for WooCommerce plugin, as it is likely abandoned and will not receive further updates or fixes.