3 matches found
CVE-2021-4392
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.43. This is due to missing or incorrect nonce validation on the implecodesaveproductsmeta function. This makes it possible for unauthenticated...
CVE-2021-4392 eCommerce Product Catalog Plugin for WordPress <= 2.9.43 - Cross-Site Request Forgery Bypass
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.43. This is due to missing or incorrect nonce validation on the implecodesaveproductsmeta function. This makes it possible for unauthenticated...
PT-2023-12504 · WordPress · Ecommerce Product Catalog Plugin
Name of the Vulnerable Software and Affected Versions: eCommerce Product Catalog Plugin for WordPress versions up to, and including, 2.9.43 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the implecode save products meta function. Th...