Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3
Critical0
High1
Medium2
Reset
Showing 1-3 of 3 records
Threat Entry Updated 2025-05-29

CVE-2024-3983 - Before 30 Plugin

The WooCommerce Customers Manager WordPress plugin before 30.1 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting customers via CSRF attacks

PLUGIN Before 30

CVE-2024-3983

HIGH CVSS 8.1 2024-08-01
Open Full Technical Breakdown
Threat Entry Updated 2025-05-29

CVE-2024-2843 - Before 30 Plugin

The WooCommerce Customers Manager WordPress plugin before 30.1 does not have CSRF checks in some places, which could allow attackers to make logged in admin users delete users via CSRF attacks

PLUGIN Before 30

CVE-2024-2843

MEDIUM CVSS 6.5 2024-08-01
Open Full Technical Breakdown
Threat Entry Updated 2025-05-29

CVE-2024-1747 - Before 30 Plugin

The WooCommerce Customers Manager WordPress plugin before 30.2 does not have authorisation and CSRF in various AJAX actions, allowing any authenticated users, such as subscriber, to call them and update/delete/create customer metadata, also leading to Stored Cross-Site Scripting due to the lack of escaping of said metadata values.

PLUGIN Before 30

CVE-2024-1747

MEDIUM CVSS 6.5 2024-08-01
Open Full Technical Breakdown
Scroll to top