wpvulndb
WPVDB-ID:1F592437-B354-4979-A0D2-6F816959BEFE
History: Jul 22, 2022 - 12:00 a.m.

Stockists Manager for Woocommerce <= 1.0.2.1 - Stored Cross-Site Scripting via CSRF

2022-07-22 00:00:00
wpscan.com

EPSS: 0.001 (Low)
Percentile: 35.0%

The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues.
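
The two missing controls the description names, shown as an added example for a generic WordPress settings handler. This is not code from the plugin or from wpscan.com; every function, option, page slug and nonce name here is hypothetical, and it assumes it runs inside WordPress.

```php
<?php
// Added example: hypothetical plugin code, not taken from Stockists Manager.
// All function, option and nonce names below are made up for illustration.

// Pattern the advisory describes: no nonce, no capability check, raw value stored.
function example_stockists_save_settings_unsafe() {
    if ( isset( $_POST['example_stockists_label'] ) ) {
        update_option( 'example_stockists_label', $_POST['example_stockists_label'] );
    }
}

// Hardened handler, registered for admin-post.php?action=example_stockists_save.
add_action( 'admin_post_example_stockists_save', 'example_stockists_save_settings' );
function example_stockists_save_settings() {
    // Only administrators may change plugin settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // CSRF check: dies unless the request carries a valid nonce for this action.
    check_admin_referer( 'example_stockists_save', 'example_stockists_nonce' );

    // Sanitise on input: strip tags and control characters before storing.
    $label = isset( $_POST['example_stockists_label'] )
        ? sanitize_text_field( wp_unslash( $_POST['example_stockists_label'] ) )
        : '';
    update_option( 'example_stockists_label', $label );

    wp_safe_redirect( admin_url( 'options-general.php?page=example-stockists' ) );
    exit;
}

// Settings form: emits the nonce field and escapes the stored value on output.
function example_stockists_render_form() {
    $label = get_option( 'example_stockists_label', '' );
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_stockists_save">
        <?php wp_nonce_field( 'example_stockists_save', 'example_stockists_nonce' ); ?>
        <input type="text" name="example_stockists_label" value="<?php echo esc_attr( $label ); ?>">
        <?php submit_button(); ?>
    </form>
    <?php
}
```

The nonce check closes the CSRF path, while sanitising on save and escaping on output each independently block the stored script from rendering.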

CPE | Name | Operator | Version
- | stockists-manager | eq | *
