CSRF Vulnerability in Woocommerce Social Media Share Buttons by Toastie Studio
CVE-2024-31109
7.1HIGH
Key Information:
- Vendor
- WordPress
- Vendor
- CVE Published:
- 2 April 2024
Summary
A vulnerability has been identified in the Woocommerce Social Media Share Buttons plugin developed by Toastie Studio, which allows attackers to exploit Cross-Site Request Forgery (CSRF) to perform unauthorized actions on behalf of users. This security issue enables potential stored cross-site scripting (XSS) attacks, affecting versions from n/a to 1.3.0. Users of this plugin are advised to update to the latest versions and implement appropriate security measures to mitigate the risks associated with this vulnerability.
Affected Version(s)
Woocommerce Social Media Share Buttons <= 1.3.0
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published