The WooCommerce Google Sheet Connector WordPress plugin before 1.3.6 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack
Metrics
Affected Vendors & Products
References
History
Tue, 05 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-07-17T13:29:48.544Z
Updated: 2024-11-05T19:53:11.383Z
Reserved: 2023-04-27T09:07:06.197Z
Link: CVE-2023-2329
Vulnrichment
Updated: 2024-08-02T06:19:14.667Z
NVD
Status : Modified
Published: 2023-07-17T14:15:09.847
Modified: 2024-11-21T07:58:23.923
Link: CVE-2023-2329
Redhat
No data.