The AutomateWoo plugin for WordPress, up to version 5.7.5, is vulnerable to Cross-Site Request Forgery. This means that if an attacker can get a site administrator to click on a link, they can perform an action they are not authorized to do. This is because the plugin does not properly validate nonces on some functions.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
