WordPress Spreadsheet Integration plugin <= 3.8.2 - Cross-Site Request Forgery to Arbitrary Post Publish vulnerability

Cross-Site Request Forgery to Arbitrary Post Publish vulnerability discovered by Krzysztof Zając in WordPress Plugin Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. versions = 3.8.2...

PT-2024-37742 · WordPress · Spreadsheet Integration Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: The Spreadsheet Integration plugin for WordPress versions up to, and including, 3.7.9 Description: The issue is related to a missing capability check on several functions, allowing authenticated attackers with Subscriber-level access and abov...