Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:0CDBA9E9-0D90-495E-9383-6B6539E32192
HistoryApr 24, 2023 - 12:00 a.m.

Side Cart Woocommerce < 2.2 - Settings Reset via CSRF

2023-04-2400:00:00
wpscan.com
12
woocommerce
csrf protection
settings reset
csrf attack
logged in admin

EPSS

0.001

Percentile

27.6%

JSON

The plugin does not have CSRF check when reseting its Settings, which could allow attackers to make logged in admins perform such action via a CSRF attack

PoC

Make a logged in admin open https://example.com/wp-admin/admin.php?page=side-cart-woocommerce-settings&amp;reset;=yes

Related

prion 1
cve 1
cvelist 1
nvd 1
wpexploit 1
wordfence 1
prion
prion
Cross site request forgery (csrf)
2023-05-22 10:15:00
cve
cve
CVE-2022-45376
2023-05-22 10:15:11
cvelist
cvelist
CVE-2022-45376 WordPress Side Cart Woocommerce (Ajax) Plugin < 2.1 is vulnerable to Cross Site Request Forgery (CSRF)
2023-05-22 09:22:45
nvd
nvd
CVE-2022-45376
2023-05-22 10:15:11
wpexploit
wpexploit
Side Cart Woocommerce < 2.2 - Settings Reset via CSRF
2023-04-24 00:00:00
wordfence
wordfence
Wordfence Intelligence CE Weekly Vulnerability Report (1-30-2023 to 2-5-2023)
2023-02-09 15:31:04

EPSS

0.001

Percentile

27.6%

JSON
Related for WPVDB-ID:0CDBA9E9-0D90-495E-9383-6B6539E32192
prion1cve1cvelist1nvd1wpexploit1wordfence1