CSRF Vulnerability in WOOCS - WooCommerce Currency Switcher
CVE-2024-30458

8.8HIGH

What is CVE-2024-30458?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the WOOCS – WooCommerce Currency Switcher plugin by realmag777. This security flaw allows an attacker to perform unauthorized actions on behalf of a logged-in user without their consent. The vulnerability affects versions from n/a through 1.4.1.7, potentially compromising sensitive transactions and user data.

Affected Version(s)

WOOCS – WooCommerce Currency Switcher <= 1.4.1.7

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Dhabaleshwar Das (Patchstack Alliance)
.
The Cyber Security Vulnerability Database.