CVE-2023-3507

Published: 2023-07-31T10:15Z

Last Modified: 2024-11-21T08:17Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack > MITRE Terms of Use apply – see LICENSE‑MITRE.txt