All In One B2B For Woocommerce
Monthly
The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.