CVE-2024-3983

Name of the Vulnerable Software and Affected Versions WooCommerce Customers Manager WordPress plugin versions prior to 30.1

Description The issue concerns a lack of CSRF checks in some bulk actions, which could allow attackers to make logged-in admins perform unwanted actions, such as deleting customers via CSRF attacks.

Recommendations For versions prior to 30.1, update to version 30.1 or later to resolve the issue. As a temporary workaround, consider restricting access to bulk actions to minimize the risk of exploitation.