WordPress Plugin Vulnerabilities

WooCommerce Checkout For Digital Goods <= 2.1 - CSRF to Settings Change

Description

The Digital Goods for WooCommerce Checkout WordPress plugin was affected by a CSRF to Settings Change security vulnerability.

Affects Plugins

Plugin icon
woo-checkout-for-digital-goods
Fixed in 2.2

References

CVE
CVE-2018-11633

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
6.5 (medium)

Miscellaneous

Verified
No
WPVDB ID
3e754f82-9abd-47fd-b5e7-3d4304ff025e

Timeline

Publicly Published
2018-05-28 (about 7 years ago)
Added
2019-08-20 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-06-19
Title
Esselink.nu Settings <= 3.6 - Cross-Site Request Forgery
Published
2025-01-07
Title
News Publisher Autopilot <= 2.1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2025-09-26
Title
Ninja Forms < 3.12.1 - Limited File Deletion via CSRF
Published
2025-04-17
Title
Advanced Dynamic Pricing for WooCommerce < 4.9.5 - Cross-Site Request Forgery to Settings Update
Published
2024-04-12
Title
Legal Pages < 1.4.3 - Cross-Site Request Forgery