CVE-2024-32095Cross-Site Request Forgery in Shipping FOR Woocommerce

CWE-352Cross-Site Request Forgery3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 62.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Multiparcels Shipping FOR Woocommerce
Timeline
PublishedApr 15

Description

Cross-Site Request Forgery (CSRF) vulnerability in MultiParcels MultiParcels Shipping For WooCommerce.This issue affects MultiParcels Shipping For WooCommerce: from n/a before 1.16.9.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-h4cv-c3rm-v5ff: Cross-Site Request Forgery (CSRF) vulnerability in MultiParcels MultiParcels Shipping For WooCommerce2024-04-15
CVEList
WordPress MultiParcels Shipping For WooCommerce plugin < 1.16.9 - Cross Site Request Forgery (CSRF) vulnerability2024-04-15
CVE-2024-32095 — Cross-Site Request Forgery | cvebase