What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions.
CVE-2023-32745
MEDIUM
CVE-2023-32745: WordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVSS base score
5.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Key dates
02Disclosure timeline
November 9, 2023
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-31753 WordPress Advanced Speed Increaser Plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2020-37241 bloofoxCMS 0.5.2.1 Cross-Site Request Forgery via user add
CVE-2023-46202 WordPress Auto Login New User After Registration Plugin <= 1.9.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2025-30521 WordPress GP Back To Top plugin <= 3.0 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-48144 WordPress Import Export For WooCommerce plugin <= 1.6.2 - CSRF to Stored XSS vulnerability
