CVE-2023-47687: WordPress Woo Custom and Sequential Order Number Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
First published: Thu Nov 16 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in VJInfotech Woo Custom and Sequential Order Number plugin <= 2.6.0 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vjinfotech Woo Custom And Sequential Order Number | <=2.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-47687?
CVE-2023-47687 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Woo Custom and Sequential Order Number Plugin version <= 2.6.0.
What is the severity of CVE-2023-47687?
CVE-2023-47687 has a severity score of 8.8 (high).
What software versions are affected by CVE-2023-47687?
Versions of Vjinfotech Woo Custom and Sequential Order Number Plugin <= 2.6.0 for WordPress are affected by CVE-2023-47687.
What is the Common Weakness Enumeration (CWE) ID for CVE-2023-47687?
CVE-2023-47687 is classified under CWE-352 (Cross-Site Request Forgery).
Is there a patch available for CVE-2023-47687?
Yes, a patch is available for CVE-2023-47687. Please refer to the provided reference for more information.
- collector/mitre-cve
- collector/nvd-api
- vendor/vjinfotech
- product/woo custom and sequential order number
- canonical/vjinfotech woo custom and sequential order number