Lucene search

[email protected]NVD:CVE-2023-46629

HistoryNov 13, 2023 - 1:15 a.m.

CVE-2023-46629

2023-11-1301:15:08

CWE-352

[email protected]

web.nvd.nist.gov

cve-2023-46629

themelocation

cross-site request forgery

vulnerability

woocommerce

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

24.1%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce plugin <= 1.4.4.

Affected configurations

Nvd

Node

themelocationremove_add_to_cart_woocommerceRange≤1.4.4wordpress

VendorProductVersionCPE
themelocationremove_add_to_cart_woocommerce*cpe:2.3:a:themelocation:remove_add_to_cart_woocommerce:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
themelocation	remove_add_to_cart_woocommerce	*	cpe:2.3:a:themelocation:remove_add_to_cart_woocommerce::::::wordpress::*

References

patchstack.com/database/vulnerability/remove-add-to-cart-woocommerce/wordpress-remove-add-to-cart-woocommerce-plugin-1-4-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

24.1%

JSON

Related for NVD:CVE-2023-46629

wpvulndb1 prion1 cvelist1 vulnrichment1 cve1 wordfence1