Vulnerabilities and security researches forexportfeed-for-woocommerce-product-to-etsy

CVE, Research URL: 7a3b3ff386491175b967945c2fbb7cf0edb8ff84
Home page URL: Security reports for WooCommerce Etsy Integration
Application: WooCommerce Etsy Integration
Date: Aug 16, 2021
Research Description: WooCommerce Etsy Integration [exportfeed-for-woocommerce-product-to-etsy] < 3.3.2 WordPress Sync to Etsy Marketplace from WooCommerce plugin <= 3.3.1 - Cross-Site Request Forgery (CSRF) vulnerability Cross-Site Request Forgery (CSRF) vulnerability discovered by Jerome Bruandet (NinTechNet) in WordPress Sync to Etsy Marketplace from WooCommerce plugin (versions <= 3.3.1).
Affected versions: max 3.3.2.
Status: vulnerable

CVE, Research URL: -
Home page URL: Security reports for WooCommerce Etsy Integration
Application: WooCommerce Etsy Integration
Date: Jun 07, 2023
Research Description: Rejected reason: CVE split into individual CVE IDs for each software record.
Affected versions: max 3.3.2.
Status: vulnerable

CVE, Research URL: CVE-2021-4409
Home page URL: Security reports for WooCommerce Etsy Integration
Application: WooCommerce Etsy Integration
Date: Jul 12, 2023
Research Description: The WooCommerce Etsy Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the etcpf_delete_feed() function. This makes it possible for unauthenticated attackers to delete an export feed via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: max 3.3.2.
Status: vulnerable

Vulnerabilities and security researches forexportfeed-for-woocommerce-product-to-etsy exportfeed-for-woocommerce-product-to-etsy