2 matches found
CVE-2021-4414
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.5. This is due to missing or incorrect nonce validation on the wcalpreviewemails function. This makes it possible for unauthenticated attackers to generat...
CVE-2021-4414
The CVE concerns the WordPress plugin Abandoned Cart Lite for WooCommerce . It is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to and including 5.8.5, caused by missing/incorrect nonce validation in the function wcal_preview_emails() . This allows unauthenticated attackers to ge...