PT-2024-12955 · Unknown · Woocommerce Support System
Mika
·
Published
2024-12-13
·
Updated
2024-12-17
·
CVE-2023-41686
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
WooCommerce Support System versions 1.2.0 through 1.2.2
Description
A Cross-Site Request Forgery (CSRF) issue affects the WooCommerce Support System, allowing unauthorized actions. Users are advised to update to the latest version to mitigate risks.
Recommendations
For versions 1.2.0 through 1.2.2, update to the latest version to resolve the issue. As a temporary workaround, consider implementing additional security measures to prevent CSRF attacks until the update is applied.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Woocommerce Support System