Lucene search
PatchstackCVE-2022-40702HistoryJan 17, 2024 - 5:15 p.m.
CVE-2022-40702
2024-01-1717:15:09
CWE-862
Patchstack
web.nvd.nist.gov
10
cve-2022-40702
missing authorization
zorem
advanced local pickup
woocommerce
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
AI Score
4.7
Confidence
High
EPSS
0
Percentile
14.0%
Missing Authorization vulnerability in Zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a through 1.5.2.
Affected configurations
Node
zoremadvanced_local_pickup_for_woocommerceRangeβ€1.5.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zorem | advanced_local_pickup_for_woocommerce | * | cpe:2.3:a:zorem:advanced_local_pickup_for_woocommerce:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "advanced-local-pickup-for-woocommerce",
"product": "Advanced Local Pickup for WooCommerce",
"vendor": "Zorem",
"versions": [
{
"changes": [
{
"at": "1.5.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.5.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Authorization
2024-01-17 17:15:00
cvelist
cvelist
vulnrichment
vulnrichment
nvd
nvd
CVE-2022-40702
2024-01-17 17:15:09
wordfence
wordfence
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
AI Score
4.7
Confidence
High
EPSS
0
Percentile
14.0%
Related for CVE-2022-40702