CVE-2021-4392
CVE-2021-4392 affects the WordPress plugin “eCommerce Product Catalog” (versions up to and including 2.9.43). Root cause: missing or incorrect nonce validation in the implecode_save_products_meta() function, enabling CSRF. Impact: unauthenticated attackers can save product meta data by tricking a...