Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveWPScanCVE-2022-0989
HistoryApr 11, 2022 - 3:15 p.m.

CVE-2022-0989

2022-04-1115:15:08
CWE-80
WPScan
web.nvd.nist.gov
62
cve-2022-0989
ns woocommerce watermark
wordpress plugin
vulnerability
malware hiding

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

33.9%

JSON

An unprivileged user could use the functionality of the NS WooCommerce Watermark WordPress plugin through 2.11.3 to load images that hide malware for example from passing malicious domains to hide their trace, by making them pass through the vulnerable domain.

Affected configurations

Nvd
Vulners
Node
nsthemesns_watermark_for_woocommerceRange2.11.3wordpress
VendorProductVersionCPE
nsthemesns_watermark_for_woocommerce*cpe:2.3:a:nsthemes:ns_watermark_for_woocommerce:*:*:*:*:*:wordpress:*:*

CNA Affected

[
  {
    "product": "NS WooCommerce Watermark",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThanOrEqual": "2.11.3",
        "status": "affected",
        "version": "2.11.3",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
cvelist 1
wpexploit 1
nvd 1
patchstack 1
wpvulndb 1
prion
prion
Hardcoded credentials
2022-04-11 15:15:00
cvelist
cvelist
CVE-2022-0989 NS WooCommerce Watermark <= 2.11.3 - Abuse of Functionality
2022-04-11 14:41:03
wpexploit
wpexploit
NS WooCommerce Watermark <= 2.11.3 - Abuse of Functionality
2022-03-15 00:00:00
nvd
nvd
CVE-2022-0989
2022-04-11 15:15:08
patchstack
patchstack
WordPress NS WooCommerce Watermark plugin <= 2.11.3 - Abuse of Functionality vulnerability
2022-03-15 00:00:00
wpvulndb
wpvulndb
NS WooCommerce Watermark <= 2.11.3 - Abuse of Functionality
2022-03-15 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

33.9%

JSON
Related for CVE-2022-0989
prion1cvelist1wpexploit1nvd1patchstack1wpvulndb1