The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack
CPE | Name | Operator | Version |
---|---|---|---|
woocommerce_pre-orders | lt | 2.0.3 |