CVE-2024-1489
CVE-2024-1489 applies to the SMS Alert Order Notifications – WooCommerce plugin for WordPress (versions up to and including 3.6.9). The root cause is missing or incorrect nonce validation in the processBulkAction function, enabling CSRF. This can allow unauthenticated attackers to delete pages an...