The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/e72bbe9b-e51d-40ab-820d-404e0cb86ee6 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-07-31T09:37:37.183Z
Updated: 2023-07-31T09:37:37.183Z
Reserved: 2023-07-04T18:10:50.115Z
Link: CVE-2023-3507
JSON object: View
NVD Information
Status : Modified
Published: 2023-07-31T10:15:10.847
Modified: 2023-11-07T04:18:53.333
Link: CVE-2023-3507
JSON object: View
Redhat Information
No data.
CWE
No CWE.