CVE-2024-6136 Information

Description

The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not have CSRF checks in some places which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

Reference

https://wpscan.com/vulnerability/7d85cfe4-4878-4530-ba78-7cfe33f3a8d5/