Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | CVE-2022-4016 | 12 Dec 202220:21 | – | circl |
 | WordPress plugin Booster Plus for WooCommerce 跨站请求伪造漏洞 | 12 Dec 202200:00 | – | cnnvd |
 | CVE-2022-4016 Booster for WooCommerce - Custom Role Creation/Deletion via CSRF | 12 Dec 202217:57 | – | cvelist |
 | EUVD-2022-51396 | 3 Oct 202520:07 | – | euvd |
 | CVE-2022-4016 | 12 Dec 202218:15 | – | nvd |
 | Cross site request forgery (csrf) | 12 Dec 202218:15 | – | prion |
 | PT-2022-25254 · WordPress · Booster Elite For Woocommerce +2 | 12 Dec 202200:00 | – | ptsecurity |
 | CVE-2022-4016 | 22 May 202523:37 | – | redhatcve |
 | CVE-2022-4016 Booster for WooCommerce - Custom Role Creation/Deletion via CSRF | 12 Dec 202217:57 | – | vulnrichment |
 | Booster for WooCommerce - Custom Role Creation/Deletion via CSRF | 21 Nov 202200:00 | – | wpexploit |
10
Node
OROR
[
{
"vendor": "Unknown",
"product": "Booster for WooCommerce",
"collectionURL": "https://wordpress.org/plugins",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "5.6.7"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Unknown",
"product": "Booster Plus for WooCommerce",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "5.6.6"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Unknown",
"product": "Booster Elite for WooCommerce",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "1.1.8"
}
],
"defaultStatus": "unaffected"
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| wcj_delete_role | query param | /wp-admin/admin.php?page=wcj-tools&tab=custom_roles&wcj_delete_role=dj | CSRF vulnerability allowing logged-in admins to delete custom roles via crafted request | CWE-352 |
| wcj_custom_role_id | request body | /wp-admin/admin.php?page=wcj-tools&tab=custom_roles | CSRF vulnerability allowing logged-in admins to create custom roles via crafted form submission | CWE-352 |
| wcj_custom_role_name | request body | /wp-admin/admin.php?page=wcj-tools&tab=custom_roles | CSRF vulnerability allowing logged-in admins to create custom roles via crafted form submission | CWE-352 |
| wcj_custom_role_caps | request body | /wp-admin/admin.php?page=wcj-tools&tab=custom_roles | CSRF vulnerability allowing logged-in admins to create custom roles via crafted form submission | CWE-352 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
22 Apr 2025 15:16Current
6.5Medium risk
Vulners AI Score6.5
CVSS 3.16.5
EPSS0.00282
SSVC