Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:4 p.m.8 views

CVE-2022-3536

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, an...

8.8CVSS6.8AI score0.00511EPSS
Exploits2References1
OSV
OSV
added 2022/11/07 10:15 a.m.4 views

CVE-2022-3536

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, an...

8.8CVSS5.8AI score0.00511EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/11/07 12:0 a.m.8 views

CVE-2022-3536 Role Based Pricing for WooCommerce < 1.6.3 - Subscriber+ PHAR Deserialization

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, an...

6.8AI score0.00511EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/11/07 12:0 a.m.34 views

CVE-2022-3536 Role Based Pricing for WooCommerce < 1.6.3 - Subscriber+ PHAR Deserialization

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, an...

8.9AI score0.00511EPSS
Exploits2References1
Rows per page
Query Builder