← Back to CVE List
CVE-2023-3365
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.14 does not have authorisation when deleting shipment, allowing any authenticated users, such as subscriber to delete arbitrary shipment
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt