The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/d483f7ce-cb3f-4fcb-b060-005cec0ea10f/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2024-01-22T19:14:24.183Z
Updated: 2024-01-22T19:14:24.183Z
Reserved: 2023-12-08T15:04:16.836Z
Link: CVE-2023-6625
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-22T20:15:47.647
Modified: 2024-01-26T19:47:43.497
Link: CVE-2023-6625
JSON object: View
Redhat Information
No data.
CWE