Lucene search
K

14 matches found

CVE
CVE
added 2024/01/19 2:30 p.m.85 views

CVE-2022-40700

CVE-2022-40700 is an SSRF vulnerability reported against Montonio for WooCommerce and a range of WordPress plugins/themes. Affected versions include Montonio for WooCommerce up to 6.0.1 (patched in 6.0.2) and other listed plugins up to their indicated versions; several references confirm SSRF as ...

9.8CVSS8.4AI score0.00999EPSS
Exploits0References15Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.11 views

WordPress AMP Toolbox Plugin <= 2.1.1 is vulnerable to Server Side Request Forgery (SSRF)

Software AMP Toolbox Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 63986eb9d832 Credits Dave Jong Patchstack Required...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.13 views

WordPress Confirm Data Plugin <= 1.0.7 is vulnerable to Server Side Request Forgery (SSRF)

Software Confirm Data Type Plugin Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 486c54ed7457 Credits Dave Jong Patchstack Required...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.13 views

WordPress Wpopal Core Features Plugin <= 1.5.8 is vulnerable to Server Side Request Forgery (SSRF)

Software Wpopal Core Features Type Plugin Vulnerable versions = 1.5.8 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 22112fdee0d7 Credits Dave Jong Patchstack Requir...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.14 views

WordPress Theme Minifier Plugin <= 2.0 is vulnerable to Server Side Request Forgery (SSRF)

Software Theme Minifier Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID a2085be206a1 Credits Dave Jong Patchstack Required...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.15 views

WordPress AMO for WP – Membership Management Plugin <= 4.6.6 is vulnerable to Server Side Request Forgery (SSRF)

Software AMO for WP – Membership Management Type Plugin Vulnerable versions = 4.6.6 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 9e6059b126e6 Credits Dave Jong...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.13 views

WordPress CSS Adder By Agence-Press Plugin <= 1.5.0 is vulnerable to Server Side Request Forgery (SSRF)

Software CSS Adder By Agence-Press Type Plugin Vulnerable versions = 1.5.0 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 1e10380ab266 Credits Dave Jong Patchstack...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.16 views

WordPress Admin CSS MU Plugin <= 2.6 is vulnerable to Server Side Request Forgery (SSRF)

Software Admin CSS MU Type Plugin Vulnerable versions = 2.6 Fixed in 2.7 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID f8576e8732f6 Credits Dave Jong Patchstack Required privile...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.11 views

WordPress WooVirtualWallet – A virtual wallet for WooCommerce Plugin <= 2.2.1 is vulnerable to Server Side Request Forgery (SSRF)

Software WooVirtualWallet – A virtual wallet for WooCommerce Type Plugin Vulnerable versions = 2.2.1 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 178ac6a26da3...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.11 views

WordPress WooVIP – Membership plugin for WordPress and WooCommerce Plugin <= 1.4.4 is vulnerable to Server Side Request Forgery (SSRF)

Software WooVIP – Membership plugin for WordPress and WooCommerce Type Plugin Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID f21710078bd7...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.10 views

WordPress Custom Login Admin Front-end CSS Plugin <= 1.4.1 is vulnerable to Server Side Request Forgery (SSRF)

Software Custom Login Admin Front-end CSS Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.5 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 19400bb94bda Credits Dave Jong...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.10 views

WordPress WordPress Page Builder – Qards Plugin <= 1.0.5 is vulnerable to Server Side Request Forgery (SSRF)

Software WordPress Page Builder – Qards Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 10ad2232337b Credits Dave Jong...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.11 views

WordPress Styles Plugin <= 1.2.3 is vulnerable to Server Side Request Forgery (SSRF)

Software Styles Type Plugin Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 0386a96da2ff Credits Dave Jong Patchstack Required privilege...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.19 views

WordPress WooSupply – Suppliers, Supply Orders and Stock Management Plugin <= 1.2.2 is vulnerable to Server Side Request Forgery (SSRF)

Software WooSupply – Suppliers, Supply Orders and Stock Management Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID f4ff6d9dbad...

9.8CVSS9.5AI score0.00999EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder