Cross-Site Request Forgery (CSRF) vulnerability leading to Settings/Options update discovered by Marco Wotschka in WordPress Ecwid Ecommerce Shopping Cart plugin (versions <= 6.10.23).
Update the WordPress Ecwid Shopping Cart plugin to the latest available version (at least 6.10.24).
CPE | Name | Operator | Version |
---|---|---|---|
ecwid shopping cart | le | 6.10.23 |