The plugin does not have a proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged-in admin change arbitrary blog options via a CSRF attack. The attack could also be performed via an LFI if one is present in another plugin installed on the blog.
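To make the two defects concrete, here is an added illustration (not the plugin's own code) of a WordPress settings handler in the vulnerable shape the advisory describes, beside a hardened version that verifies a nonce and only writes options from a fixed allowlist; all function, option and action names are hypothetical.

```php
<?php
// Added illustration, not the plugin's code. Names are hypothetical.

// VULNERABLE PATTERN: no nonce check, and whatever option names the
// client sends are written, so a forged request from a logged-in user
// with manage_woocommerce can update options outside the plugin.
function example_save_settings_vulnerable() {
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    foreach ( $_POST['options'] as $name => $value ) {
        update_option( $name, $value ); // attacker-chosen option name
    }
}

// HARDENED PATTERN: the request must carry a nonce bound to this
// action, and only option names the plugin owns are ever written.
const EXAMPLE_ALLOWED_OPTIONS = array(
    'example_api_url',
    'example_api_key',
    'example_sync_enabled',
);

function example_save_settings_hardened() {
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    // Stops the request unless a valid nonce for this action is present,
    // which a cross-site page cannot obtain.
    check_admin_referer( 'example_save_settings', '_example_nonce' );

    $submitted = ( isset( $_POST['options'] ) && is_array( $_POST['options'] ) )
        ? $_POST['options']
        : array();

    // Iterate over the allowlist, never over client-supplied keys.
    foreach ( EXAMPLE_ALLOWED_OPTIONS as $name ) {
        if ( ! array_key_exists( $name, $submitted ) ) {
            continue;
        }
        update_option( $name, sanitize_text_field( wp_unslash( $submitted[ $name ] ) ) );
    }
}
add_action( 'admin_post_example_save_settings', 'example_save_settings_hardened' );

// The settings form must emit the matching nonce field:
// wp_nonce_field( 'example_save_settings', '_example_nonce' );
```

The allowlist loop is what closes the second defect: even with a valid nonce, a request naming an option the plugin does not own is silently ignored.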
Make a logged-in user with the manage_woocommerce capability open a page containing the HTML code below.
| CPE | Name | Operator | Version |
|---|---|---|---|
| | mautic-integration-for-woocommerce | lt | 1.0.3 |