14 matches found
CVE-2022-40700
CVE-2022-40700 is an SSRF vulnerability reported against Montonio for WooCommerce and a range of WordPress plugins/themes. Affected versions include Montonio for WooCommerce up to 6.0.1 (patched in 6.0.2) and other listed plugins up to their indicated versions; several references confirm SSRF as ...
WordPress AMP Toolbox Plugin <= 2.1.1 is vulnerable to Server Side Request Forgery (SSRF)
Software AMP Toolbox Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 63986eb9d832 Credits Dave Jong Patchstack Required...
WordPress Confirm Data Plugin <= 1.0.7 is vulnerable to Server Side Request Forgery (SSRF)
Software Confirm Data Type Plugin Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 486c54ed7457 Credits Dave Jong Patchstack Required...
WordPress Wpopal Core Features Plugin <= 1.5.8 is vulnerable to Server Side Request Forgery (SSRF)
Software Wpopal Core Features Type Plugin Vulnerable versions = 1.5.8 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 22112fdee0d7 Credits Dave Jong Patchstack Requir...
WordPress Theme Minifier Plugin <= 2.0 is vulnerable to Server Side Request Forgery (SSRF)
Software Theme Minifier Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID a2085be206a1 Credits Dave Jong Patchstack Required...
WordPress AMO for WP – Membership Management Plugin <= 4.6.6 is vulnerable to Server Side Request Forgery (SSRF)
Software AMO for WP – Membership Management Type Plugin Vulnerable versions = 4.6.6 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 9e6059b126e6 Credits Dave Jong...
WordPress CSS Adder By Agence-Press Plugin <= 1.5.0 is vulnerable to Server Side Request Forgery (SSRF)
Software CSS Adder By Agence-Press Type Plugin Vulnerable versions = 1.5.0 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 1e10380ab266 Credits Dave Jong Patchstack...
WordPress Admin CSS MU Plugin <= 2.6 is vulnerable to Server Side Request Forgery (SSRF)
Software Admin CSS MU Type Plugin Vulnerable versions = 2.6 Fixed in 2.7 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID f8576e8732f6 Credits Dave Jong Patchstack Required privile...
WordPress WooVirtualWallet – A virtual wallet for WooCommerce Plugin <= 2.2.1 is vulnerable to Server Side Request Forgery (SSRF)
Software WooVirtualWallet – A virtual wallet for WooCommerce Type Plugin Vulnerable versions = 2.2.1 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 178ac6a26da3...
WordPress WooVIP – Membership plugin for WordPress and WooCommerce Plugin <= 1.4.4 is vulnerable to Server Side Request Forgery (SSRF)
Software WooVIP – Membership plugin for WordPress and WooCommerce Type Plugin Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID f21710078bd7...
WordPress Custom Login Admin Front-end CSS Plugin <= 1.4.1 is vulnerable to Server Side Request Forgery (SSRF)
Software Custom Login Admin Front-end CSS Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.5 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 19400bb94bda Credits Dave Jong...
WordPress WordPress Page Builder – Qards Plugin <= 1.0.5 is vulnerable to Server Side Request Forgery (SSRF)
Software WordPress Page Builder – Qards Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 10ad2232337b Credits Dave Jong...
WordPress Styles Plugin <= 1.2.3 is vulnerable to Server Side Request Forgery (SSRF)
Software Styles Type Plugin Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 0386a96da2ff Credits Dave Jong Patchstack Required privilege...
WordPress WooSupply – Suppliers, Supply Orders and Stock Management Plugin <= 1.2.2 is vulnerable to Server Side Request Forgery (SSRF)
Software WooSupply – Suppliers, Supply Orders and Stock Management Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID f4ff6d9dbad...