2 matches found
CVE-2025-13924
The Advanced Product Fields Product Addons for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.17. This is due to missing or incorrect nonce validation on the 'maybeduplicate' function. This makes it possible for unauthenticat...
WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.17 - Cross-Site Request Forgery to Product Field Group Duplication and Publication vulnerability
Cross-Site Request Forgery to Product Field Group Duplication and Publication vulnerability discovered by Nguyen C in WordPress Plugin Advanced Product Fields Product Addons for WooCommerce versions = 1.6.17...