CVE-2023-6625

Publication date

2024-01-22 19:14:24

Family

WPScan

State

PUBLISHED

Description

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack