Cross-Site Request Forgery Flaw in EditionGuard for WooCommerce
CVE-2024-56207

8.8HIGH

Key Information:

Vendor: WordPress
Status: Editionguard For WooCommerce – Ebook Sales With Drm
Vendor: CVE Published:; 31 December 2024

Summary

A Cross-Site Request Forgery vulnerability has been identified in EditionGuard for WooCommerce, specifically impacting the eBook Sales with DRM feature. This vulnerability allows attackers to exploit the application and potentially escalate privileges. Affected versions range from an unspecified early release up to 3.4.2. Users of the system are advised to take preventive measures to safeguard against potential misuse of this vulnerability, thereby ensuring the integrity and security of their e-commerce operations.

Affected Version(s)

EditionGuard for WooCommerce – eBook Sales with DRM <= 3.4.2

References

https://patchstack.com/database/wordpress/plugin/editiong...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 31, 2024
Vulnerability Reserved
Dec 18, 2024

Credit

Mika (Patchstack Alliance)