VYPR
Unrated severityNVD Advisory· Published Jul 21, 2021· Updated Sep 16, 2024

Cross-Site Request Forgery in WooCommerce Stock Manager WordPress Plugin

CVE-2021-34619

Description

The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.