Security Advisory

CVE-2023-3507

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-31 09:37:37

Last updated 2025-04-23 16:19:48

Assigner WPScan

State PUBLISHED

Description

The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack

← Browse all CVEs View on cve.org ↗