4 matches found
CVE-2022-2389
The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations...
CVE-2022-2389
The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations...
CVE-2022-2389
The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations...
CVE-2022-2389
The CVE-2022-2389 entry concerns the WordPress plugin Autonami (Automations By Autonami) for WooCommerce. Prior to version 2.1.2, one AJAX action lacked proper authorization and CSRF checks, allowing any authenticated user (e.g., subscribers) to create automations. This is corroborated across mul...