Personalized WooCommerce Cart Page <= 2.4 - Cross-Site Request Forgery (CSRF)
Affects Plugin
|
fixed in version 2.5
|
References
| CVE | 2019-5979 |
| URL | https://jvn.jp/en/jp/JVN88804335/index.html |
| URL | https://plugins.trac.wordpress.org/changeset/2099595/personalize-woocommerce-cart-page |
Classification
| Type | CSRF |
| OWASP Top 10 | A8: Cross-Site Request Forgery (CSRF) |
| CWE | CWE-352 |
Miscellaneous
| Original Researcher | Akira Yamasaki of Cryptography Laboratory |
| Submitter | Ryan Dewhurst |
| Submitter Website | https://wpscan.io |
| Submitter Twitter | ethicalhack3r |
| Views | 1371 |
| Verified | No |
| WPVDB ID | 9437 |
Timeline
| Publicly Published | 2019-06-19 (about 1 month ago) |
| Added | 2019-07-09 (14 days ago) |
| Last Updated | 2019-07-09 (14 days ago) |
Our Other Services
| Online WordPress Vulnerability Scanner | WPScan WordPress Security Plugin |
