← volver
CVE-2025-28984

WordPress Subscription Renewal Reminders for WooCommerce plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability

CVSS 4.3 MEDIUMEPSS 0.1%CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in storepro Subscription Renewal Reminders for WooCommerce subscriptions-renewal-reminders allows Cross Site Request Forgery.This issue affects Subscription Renewal Reminders for WooCommerce: from n/a through <= 1.4.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Productos afectados
storepro · Subscription Renewal Reminders for WooCommerce

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://patchstack.com/database/Wordpress/Plugin/subscriptions-renewal-reminders/vulnerability/wordpress-subscription-renewal-reminders-for-woocommerce-plugin-1-3-7-cross-site-request-forgery-to-notice-dismissal-vulnerability?_s_id=cve