We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-52127

WordPress WPC Product Bundles for WooCommerce Plugin <= 7.3.1 is vulnerable to Cross Site Request Forgery (CSRF)



AssignerPatchstack
Reserved2023-12-28
Published2024-01-05
Updated2024-09-04

Description

Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Product Bundles for WooCommerce.This issue affects WPC Product Bundles for WooCommerce: from n/a through 7.3.1.



MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Problem types

CWE-352 Cross-Site Request Forgery (CSRF)

Product status

Default status
0x4003030510

Any version
affected

Credits

Brandon Roldan (Patchstack Alliance) 0x4003030570

References

https://patchstack.com/database/vulnerability/woo-product-bundle/wordpress-wpc-product-bundles-for-woocommerce-plugin-7-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve vdb-entry

cve.org CVE-2023-52127

nvd.nist.gov CVE-2023-52127

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-52127
Subscribe to our newsletter to learn more about our work.