The plugins Login/Signup Popup, Side Cart Woocommerce, and Waitlist Woocommerce are all vulnerable to cross-site request forgery due to a missing nonce check that would make it possible for attackers to update arbitrary options on a vulnerable WordPress site.
CPE | Name | Operator | Version |
---|---|---|---|
easy-login-woocommerce | lt | 2.3 | |
waitlist-woocommerce | lt | 2.5.1 | |
side-cart-woocommerce | lt | 2.1 |