3 matches found
CVE-2022-3763
The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.5, Booster Elite for WooCommerce WordPress plugin before 1.1.7 do not have CSRF check in place when deleting files uploaded at the checkout, allowing attackers to make a logged in...
CVE-2022-3763 Booster for WooCommerce - Checkout Files Deletion via CSRF
The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.5, Booster Elite for WooCommerce WordPress plugin before 1.1.7 do not have CSRF check in place when deleting files uploaded at the checkout, allowing attackers to make a logged in...
CVE-2022-3763
The CVE-2022-3763 issue affects Booster for WooCommerce, Booster Plus for WooCommerce, and Booster Elite for WooCommerce plugins for WordPress. The root cause is the absence of a CSRF check when deleting files uploaded at checkout, enabling an authenticated attacker (a logged-in shop manager or a...