The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack
History

Fri, 20 Jun 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-01-22T19:14:24.183Z

Updated: 2025-06-20T18:37:30.685Z

Reserved: 2023-12-08T15:04:16.836Z

Link: CVE-2023-6625

cve-icon Vulnrichment

Updated: 2024-08-02T08:35:14.890Z

cve-icon NVD

Status : Modified

Published: 2024-01-22T20:15:47.647

Modified: 2025-06-20T19:15:28.487

Link: CVE-2023-6625

cve-icon Redhat

No data.