2 matches found
CVE-2021-4409 WooCommerce Etsy Integration <= 3.3.1 - Cross-Site Request Forgery Bypass
The WooCommerce Etsy Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the etcpfdeletefeed function. This makes it possible for unauthenticated attackers to delete an export...
CVE-2021-4409
The CVE concerns the WordPress plugin WooCommerce Etsy Integration . It is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to and including 3.3.1, due to missing/incorrect nonce validation in the etcpf_delete_feed() function. This allows an unauthenticated attacker to delete an exp...