Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Advanced Dynamic Pricing for WooCommerce 4.9.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: April 17, 2025

A popular plugin for WordPress, called “Advanced Dynamic Pricing for WooCommerce,” has a security vulnerability. This vulnerability, known as Cross-Site Request Forgery, affects all versions of the plugin up to version 4.9.3. The issue is caused by a missing or incorrect validation process, which allows attackers who are not logged in to the website to change the plugin’s settings. They can do this by tricking the website’s administrator into clicking on a link.

Detected in:

Advanced Dynamic Pricing and Discount Rules for WooCommerce fixed vulnerable versions:
Advanced Dynamic Pricing for WooCommerce fixed vulnerable versions: >= * <= 4.9.3
Discount rules and advanced dynamic pricing for WooCommerce fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.