PT-2023-27511 · Woocommerce · Thedotstore Dynamic Pricing/Discount Rules For Woocommerce
Nguyen Thi Huyen Trang - Skalucy +1
Published: 2023-10-04 · Updated: 2023-10-05
CVE-2023-40559
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
theDotstore Dynamic Pricing and Discount Rules for WooCommerce plugin versions <= 2.4.0
Description
A Cross-Site Request Forgery (CSRF) issue affects the plugin, allowing unauthorized actions to be performed on behalf of a user without their knowledge. This can be exploited by tricking a user into performing an unintended action.
Recommendations
For versions <= 2.4.0, update to a version greater than 2.4.0 to resolve the issue.
As a temporary workaround, consider implementing additional validation and verification for requests to prevent unauthorized actions.
Fix
CSRF
Affected Products
Thedotstore Dynamic Pricing/Discount Rules For Woocommerce