PoC for CVE-2021-34646
-
Date: 2021-09-16
-
Exploit Author: Sebastian Kriesten (0xB455)
-
Contact: https://twitter.com/0xB455
-
Affected Plugin: Booster for WooCommerce
-
Plugin Slug: woocommerce-jetpack
-
Vulnerability disclosure: https://www.wordfence.com/blog/2021/08/critical=-authentication-bypass-vulnerability-patched-in-booster-for-woocommerce/
-
Affected Versions: <= 5.4.3
-
Fully Patched Version: >= 5.4.4
-
CVE: CVE-2021-34646
-
CVSS Score: 9.8 (Critical)
-
Category: webapps