Lucene search

K
cve[email protected]CVE-2022-27628
HistoryFeb 06, 2023 - 1:15 p.m.

CVE-2022-27628

2023-02-0613:15:08
CWE-352
web.nvd.nist.gov
19
cve-2022-27628
csrf
vulnerability
aa-team
wzone
lite version
plugin
nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

17.2%

Cross-Site Request Forgery (CSRF) vulnerability in AA-Team WZone – Lite Version plugin 3.1 Lite versions.

Affected configurations

Vulners
NVD
Node
aa-teamwzone_–_lite_versionRange3.1

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "woocommerce-amazon-affiliates-light-version",
    "product": "WZone – Lite Version",
    "vendor": "AA-Team",
    "versions": [
      {
        "lessThanOrEqual": "3.1 Lite",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

17.2%

Related for CVE-2022-27628