CVE-2024-2262
WooCommerce Product Filter < 1.4.4 - Filter Deletion via CSRF
Themify WordPress plugin before 1.4.4 does not have CSRF check in its bulk action, which could allow attackers to make logged in users delete arbitrary filters via CSRF attack, granted they know the related filter slugs
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Affected products
Unknown · ThemifyWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →