CVE-2025-58802 WordPress TrustMate.io – WooCommerce integration plugin <= 1.16.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in michalzagdan TrustMate.io – WooCommerce integration trustmate-io-integration-for-woocommerce allows Cross Site Request Forgery.This issue affects TrustMate.io – WooCommerce integration: from n/a through = 1.16.0...

WordPress TrustMate.io – WooCommerce integration plugin <= 1.16.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin TrustMate.io – WooCommerce integration versions = 1.16.0...

WordPress plugin TrustMate.io – WooCommerce integration 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin TrustMate.io -...

WordPress TrustMate.io – integracja z WooCommerce plugin <= 1.7.0 - Arbitrary Blog Option Update vulnerability

Arbitrary Blog Option Update vulnerability discovered by WPScanTeam in WordPress TrustMate.io – integracja z WooCommerce plugin versions = 1.7.0. Solution Update the WordPress TrustMate.io – integracja z WooCommerce plugin to the latest available version at least 1.7.1...

WordPress TrustMate.io – integracja z WooCommerce plugin <= 1.8.11 - Arbitrary Plugin's Settings Update vulnerability

Arbitrary Plugin's Settings Update vulnerability discovered by WPScanTeam in WordPress TrustMate.io – integracja z WooCommerce plugin versions = 1.8.11. Solution Update the WordPress TrustMate.io – integracja z WooCommerce plugin to the latest available version at least 1.8.12...

TrustMate.io integration for WooCommerce < 1.7.1 - Subscriber+ Arbitrary Blog Option Update

The plugin does not have any CSRF and authorisation checks in the savecheckbox AJAX action, available to any authenticated users, and do not validate the option key to ensure the option to update belongs to the plugin. As a result, any authenticated user, such as subscriber can update arbitrary...

TrustMate.io integration for WooCommerce < 1.7.1 - Subscriber+ Arbitrary Blog Option Update

The plugin does not have any CSRF and authorisation checks in the savecheckbox AJAX action, available to any authenticated users, and do not validate the option key to ensure the option to update belongs to the plugin. As a result, any authenticated user, such as subscriber can update arbitrary...

TrustMate.io integration for WooCommerce < 1.8.12 - Subscriber+ Arbitrary Plugin's Settings Update

The plugin does not have any CSRF and authorisation checks in the savecheckbox AJAX action, available to any authenticated users, allowing any authenticated user, such as subscriber to update arbitrary settings from the plugin. Due to the lack of escaping, it could lead to Stored Cross-Site...

TrustMate.io integration for WooCommerce < 1.8.12 - Subscriber+ Arbitrary Plugin's Settings Update

The plugin does not have any CSRF and authorisation checks in the savecheckbox AJAX action, available to any authenticated users, allowing any authenticated user, such as subscriber to update arbitrary settings from the plugin. Due to the lack of escaping, it could lead to Stored Cross-Site...