In Shopizer versions 2.0 to 2.17.0 a regular admin can permanently delete a superadmin (although this cannot happen according to the documentation) via Insecure Direct Object Reference (IDOR) vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
shopizer shopizer |