3 matches found
WordPress Wholesale Market plugin < 2.2.2 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by WPScan in WordPress Plugin Wholesale Market versions 2.2.2...
CVE-2022-4363
CVE-2022-4363 affects WordPress plugins: Wholesale Market (pre-2.2.2) and Wholesale Market for WooCommerce (pre-2.0.1). A flawed CSRF check when updating settings could allow a logged-in admin to update settings via CSRF. Public details confirm the affected versions and the vulnerability class; n...
CVE-2022-4363 Wholesale Market <= 2.2.2 - Settings Update via CSRF
The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their settings, which could allow attackers to make a logged in admin update them via a CSRF attack...