CVE-2020-36736
CVE-2020-36736 affects the WordPress plugin WooCommerce Checkout & Funnel Builder by CartFlows (versions up to 1.5.15). The root cause is missing or incorrect nonce validation on export_json, import_json, and status_logs_file functions, enabling Cross-Site Request Forgery. This can allow unauthen...