Woocommerce Pre-orders Security Vulnerabilities and Issues — Woocommerce Pre-orders CVE List

Lucene search

WoocommerceWoocommerce Pre-orders

4 matches found

CVE•added 2023/07/31 10:15 a.m.•65 views

CVE-2023-3507

The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack

6.5CVSS6.7AI score0.00117EPSS

CVE•added 2023/08/30 12:15 p.m.•52 views

CVE-2023-32793

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Pre-Orders plugin

6.5CVSS5.5AI score0.00081EPSS

CVE•added 2023/07/31 10:15 a.m.•34 views

CVE-2023-3508

The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when processing its tab actions, which could allow attackers to make logged in admins email pre-orders customer, change the released date, mark all pre-orders of a specific product as complete or cancel via CSRF attack...

6.5CVSS6.7AI score0.00117EPSS

CVE•added 2023/08/30 12:15 p.m.•24 views

CVE-2023-32802

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Pre-Orders plugin

7.1CVSS6AI score0.0007EPSS