3 matches found
CVE-2023-0503
CVE-2023-0503 is a CSRF vulnerability in the Free WooCommerce Theme 99fy Extension WordPress plugin prior to version 1.2.8. The underlying issue is the absence of a CSRF check when activating plugins, which could allow an attacker to cause logged-in admins to activate arbitrary plugins via a CSRF...
CVE-2023-0503 Free WooCommerce Theme 99fy Extension < 1.2.8 - Arbitrary Plugin Activation via CSRF
The Free WooCommerce Theme 99fy Extension WordPress plugin before 1.2.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0503 Free WooCommerce Theme 99fy Extension < 1.2.8 - Arbitrary Plugin Activation via CSRF
The Free WooCommerce Theme 99fy Extension WordPress plugin before 1.2.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...