Lucene search
WpvulndbWPVDB-ID:1CE5FFA7-8EE5-4419-8BFF-48FCB4A25AAAHistoryMar 17, 2023 - 12:00 a.m.
WooCommerce Weight Based Shipping < 5.5.0 - Settings Update via CSRF
2023-03-1700:00:00
wpscan.com
4
woocommerce
weight based shipping
csrf
vulnerability
settings
update
attack
0.001 Low
EPSS
Percentile
27.7%
The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| weight-based-shipping-for-woocommerce | lt | 5.5.0 |
Related
cve
cve
CVE-2022-46794
2023-05-24 16:15:09
cvelist
cvelist
nvd
nvd
CVE-2022-46794
2023-05-24 16:15:09
prion
prion
Cross site request forgery (csrf)
2023-05-24 16:15:00
wordfence
wordfence