The WooCommerce Google Sheet Connector WordPress plugin before 1.3.6 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack
History

Tue, 05 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-07-17T13:29:48.544Z

Updated: 2024-11-05T19:53:11.383Z

Reserved: 2023-04-27T09:07:06.197Z

Link: CVE-2023-2329

cve-icon Vulnrichment

Updated: 2024-08-02T06:19:14.667Z

cve-icon NVD

Status : Modified

Published: 2023-07-17T14:15:09.847

Modified: 2024-11-21T07:58:23.923

Link: CVE-2023-2329

cve-icon Redhat

No data.