Lucene search
HistorySep 23, 2022 - 2:15 p.m.
CVE-2022-38095
cross-site request forgery
algolplus plugin
woocommerce
wordpress
cve-2022-38095
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
20.8%
Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 at WordPress.
Affected configurations
Node
algolplusadvanced_dynamic_pricing_for_woocommerceRange≤4.1.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| algolplus | advanced_dynamic_pricing_for_woocommerce | * | cpe:2.3:a:algolplus:advanced_dynamic_pricing_for_woocommerce:*:*:*:*:*:wordpress:*:* |
Related
patchstack
patchstack
cvelist
cvelist
cnvd
cnvd
wpvulndb
wpvulndb
Advanced Dynamic Pricing for WooCommerce < 4.1.4 - Settings Update via CSRF
2022-09-14 00:00:00
cve
cve
CVE-2022-38095
2022-09-23 14:15:12
prion
prion
Cross site request forgery (csrf)
2022-09-23 14:15:00
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
20.8%
Related for NVD:CVE-2022-38095