MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2023-48768

CVSS 4.3v3.1pub. 2023-12-18upd. 2026-04-28

Cross-Site Request Forgery (CSRF) vulnerability in CodeAstrology Team Quantity Plus Minus Button for WooCommerce by CodeAstrology.This issue affects Quantity Plus Minus Button for WooCommerce by CodeAstrology: from n/a through 1.1.9.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
  • Codeastrology Quantity Plus Minus Button For Woocommerce

    APP
    Codeastrology
    < 1.2.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2022-1020CRITICAL9.8ten sam vendor

The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have authorisation ...

CVE-2024-10813MEDIUM5.3ten sam vendor

The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is vulnerable to...

CVE-2024-10696MEDIUM4.3ten sam vendor

The UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, A...

CVE-2024-4866MEDIUM6.4ten sam vendor

The UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, A...

CVE-2024-37554MEDIUM6.5ten sam vendor

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful I...