Lucene search
PRIOn knowledge basePRION:CVE-2022-3923HistoryJan 09, 2023 - 11:15 p.m.
Code injection
2023-01-0923:15:00
PRIOn knowledge base
www.prio-n.com
5
code injection
activecampaign
woocommerce
wordpress
ajax
authorization bypass
security vulnerability
error logs
The ActiveCampaign for WooCommerce WordPress plugin before 1.9.8 does not have authorisation check when cleaning up its error logs via an AJAX action, which could allow any authenticated users, such as subscriber to call it and remove error logs.
| CPE | Name | Operator | Version |
|---|---|---|---|
| activecampaign_for_woocommerce | lt | 1.9.8 |
Related
cvelist
cvelist
wpexploit
wpexploit
ActiveCampaign for WooCommerce < 1.9.8 - Subscriber+ Error Log Cleanup
2022-12-16 00:00:00
wpvulndb
wpvulndb
ActiveCampaign for WooCommerce < 1.9.8 - Subscriber+ Error Log Cleanup
2022-12-16 00:00:00
nvd
nvd
CVE-2022-3923
2023-01-09 23:15:26
cve
cve
CVE-2022-3923
2023-01-09 23:15:26