Custom Order Status for WooCommerce, 8e67b1e8-1172-4634-9dac-93f54297931a

CVE, Research URL: 8e67b1e8-1172-4634-9dac-93f54297931a
Home page URL: Security reports for Custom Order Status for WooCommerce
Application: Custom Order Status for WooCommerce
Published on: -
Research Description: Custom Order Status for WooCommerce [custom-order-statuses-woocommerce] < 2.4.0 Custom Order Status for WooCommerce < 2.4.0 - Cross-Site Request Forgery The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: max 2.4.0.
Status: vulnerable