Описание
The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.5.6 (исключая)
cpe:2.3:a:tipsandtricks-hq:wp_estore:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 59%
0.00384
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 5.4
github
больше 1 года назад
The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
EPSS
Процентиль: 59%
0.00384
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-352