WooCommerce Etsy Integration < 3.3.2 – Cross-Site Request Forgery | CVE 2021-4409

Affects Plugins

exportfeed-for-woocommerce-product-to-etsy

Fixed in 3.3.2

References

CVE

CVE-2021-4409

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/99489cc0-2e73-4d55-b95f-46d574897fac

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CWE-352

CVSS

4.3 (medium)

Miscellaneous

Original Researcher

Jerome Bruandet

Verified

No

WPVDB ID

fef15e68-fdb9-45d3-98e3-2c42a71dd55d

Timeline

Publicly Published

2021-08-16 (about 4 years ago)

Added

2023-07-12 (about 2 years ago)

Last Updated

2023-07-12 (about 2 years ago)

Other

Published

Title

Published

2024-03-28

Title

WP-Eggdrop <= 0.1 - Cross-Site Request Forgery to Settings Update

Published

2024-10-15

Title

VKontakte Wall Post <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Published

2025-03-27

Title

Float menu < 6.1.3 - Cross-Site Request Forgery to Settings Update

Published

2014-08-01

Title

Post Expirator <= 2.1.1 - Cross-Site Request Forgery

Published

2025-03-11

Title

Login Logger <= 1.2.1 - Cross-Site Request Forgery