PT-2026-25288 · Josh Kohlbach · Product Feed Pro For Woocommerce
Nguyen Ba Khanh
·
Published
2026-03-13
·
Updated
2026-03-14
·
CVE-2026-32443
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Josh Kohlbach Product Feed PRO for WooCommerce versions through 13.5.2
Description
The software contains a Cross-Site Request Forgery (CSRF) issue. A Cross-Site Request Forgery attack allows an attacker to perform actions on behalf of an authenticated user without their knowledge. This can lead to unauthorized modifications or actions within the application.
Recommendations
Versions prior to and including 13.5.2 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Product Feed Pro For Woocommerce