WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL. cross-site request forgery vulnerability exists in versions prior to 11.0.7 of the Product Feed PRO for WooCommerce plugin for WordPress, which stems from a lack of authorization and CSRF checks in some AJAX operations. An attacker could use this vulnerability to delete arbitrary posts.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress product feed pro for woocommerce plugin | lt | 11.0.7 |