Lucene search
HistoryAug 05, 2022 - 4:15 p.m.
CVE-2022-25649
cve-2022-25649
improper access control
vulnerabilities
storeapps
affiliate
woocommerce
premium plugin
wordpress
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.9%
Multiple Improper Access Control vulnerabilities in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress.
Affected configurations
Node
storeappsaffiliate_for_woocommerceRange≤4.7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| storeapps | affiliate_for_woocommerce | * | cpe:2.3:a:storeapps:affiliate_for_woocommerce:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Affiliate For WooCommerce (WordPress plugin)",
"vendor": "StoreApps",
"versions": [
{
"lessThanOrEqual": "4.7.0",
"status": "affected",
"version": "<= 4.7.0",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
prion
prion
Improper access control
2022-08-05 16:15:00
nvd
nvd
CVE-2022-25649
2022-08-05 16:15:11
patchstack
patchstack
wpvulndb
wpvulndb
Affiliate For WooCommerce < 4.8.0 - Subscriber+ Unauthorised Actions
2022-08-01 00:00:00
cvelist
cvelist
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.9%
Related for CVE-2022-25649