Lucene search
+L

7 matches found

OSV
OSV
added 2025/05/16 9:15 p.m.4 views

CVE-2022-4363

The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their settings, which could allow attackers to make a logged in admin update them via a CSRF attack...

6.5CVSS5.8AI score0.00166EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/16 8:33 p.m.19 views

CVE-2022-4363 Wholesale Market <= 2.2.2 - Settings Update via CSRF

The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their settings, which could allow attackers to make a logged in admin update them via a CSRF attack...

0.00166EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/16 8:33 p.m.12 views

CVE-2022-4363 Wholesale Market <= 2.2.2 - Settings Update via CSRF

The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their settings, which could allow attackers to make a logged in admin update them via a CSRF attack...

7AI score0.00166EPSS
Exploits1References1
OSV
OSV
added 2023/01/02 10:15 p.m.4 views

CVE-2022-4298

The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server...

9.8CVSS5.9AI score0.01833EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/01/02 9:49 p.m.6 views

CVE-2022-4298 Wholesale Market < 2.2.1 - Unauthenticated Arbitrary File Download

The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server...

9.6AI score0.01833EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/01/02 12:0 a.m.6 views

WordPress plugin Wholesale Market for WooCommerce 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in th...

2.7CVSS5AI score0.00705EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/01/02 12:0 a.m.3 views

WordPress plugin Wholesale Market 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in th...

9.8CVSS8.6AI score0.01833EPSS
Exploits2References2
Rows per page
Query Builder