Integration for Szamlazz.hu & WooCommerce by Viszt Péter <= 5.6.3.2 - CSRF
LANACOMMONVDB ID: 13eb8d03-1aa9-47df-b2ed-568eae28f644
The plugin is lacking Cross-Site Request Forgery (CSRF) check in various AJAX actions, which could allow attackers to make logged in Shop Managers and above perform unwanted actions, such as deactivate the plugin's license.
Attributes
- Catgory
- WordPress Plugin
- Discovered
- 2022-09-07
- Published
- 2022-10-20
- Affected Version
- <= 5.6.3.2
Classification
- Type
- Cross-Site Request Forgery (CSRF)
Support Us?
We would truly appreciate it if you bought us a bunny (food for a snow leopard).
