The plugin does not have CSRF check when importing Woo data, which could allow attackers to make logged in admins perform such action via a CSRF attack
Vendor | Product | Version | CPE |
---|---|---|---|
lightspeedhq | ecwid_ecommerce_shopping_cart | * | cpe:2.3:a:lightspeedhq:ecwid_ecommerce_shopping_cart:*:*:*:*:*:wordpress:*:* |