← Back

Woocommerce Cart Abandonment Recovery

woocommerce_cart_abandonment_recovery

Vendor: Cartflows • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-2322
1Cartflows
1Woocommerce Cart Abandonment Recovery
Apr 7, 2025
Apr 3, 2024
N/A· v4
6.8 MEDIUM· v3
N/A· v2
The WooCommerce Cart Abandonment Recovery WordPress plugin before 1.2.27 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admins delete arbitrary email templates as well as dele...Show more
The WooCommerce Cart Abandonment Recovery WordPress plugin before 1.2.27 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admins delete arbitrary email templates as well as delete and unsubscribe users from abandoned orders via CSRF attacks.Show less