WooCommerce PDF Invoice Builder < 1.2.91 - Invoice Fields Creation via CSRF

2023-09-0700:00:00

wpscan.com

woocommerce

pdf invoice

csrf

attack

vulnerability

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

Description The plugin does not have CSRF check when creating invoice fields, which could allow attackers to make logged in admin perform such action via a CSRF attack

CPENameOperatorVersion
eq1.2.91

CPE	Name	Operator	Version
		eq	1.2.91