4 matches found
CVE-2023-3507
creationtimestamp| type| source ---|---|--- 2023-07-31 14:37:42+00:00| seen| https://t.me/cibsecurity/67445...
CVE-2023-3507
The CVE refers to the WooCommerce Pre-Orders WordPress plugin vulnerability CVE-2023-3507, where a flawed CSRF check on canceling pre-orders allows an attacker to trigger cancellation of arbitrary pre-orders by a logged-in admin. The publicly stated fix is upgrade to version 2.0.3. No exploitatio...
CVE-2023-3507 WooCommerce Pre-Orders < 2.0.3 - Arbitrary Pre-Order Canceling via CSRF
The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack...
CVE-2023-3507 WooCommerce Pre-Orders < 2.0.3 - Arbitrary Pre-Order Canceling via CSRF
The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack...