Woocommerce Woocommerce Pre-orders — known CVE vulnerabilities
Every CVE whose affected-product data names Woocommerce Woocommerce Pre-orders, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-3507 — CVSS 6.5 (medium): The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to…
CVE-2023-3508 — CVSS 6.5 (medium): The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when processing its tab actions, which could allow…