Product Slider for WooCommerce Subscriber+ Arbitrary Options Deletion. Flawed CSRF checks and lack of authorization in AJAX actions allow authenticated users to delete blog options. PoC exploit included
Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
NVD | CVE-2022-2382 | 22 Aug 202215:15 | – | nvd |
Cvelist | CVE-2022-2382 Product Slider for WooCommerce < 2.5.7 - Subscriber+ Arbitrary Options Deletion | 22 Aug 202215:02 | – | cvelist |
Patchstack | WordPress Product Slider for WooCommerce plugin <= 2.5.6 - Authenticated Arbitrary Options Deletion vulnerability | 26 Jul 202200:00 | – | patchstack |
wpexploit | Product Slider for WooCommerce < 2.5.7 - Subscriber+ Arbitrary Options Deletion | 26 Jul 202200:00 | – | wpexploit |
CVE | CVE-2022-2382 | 22 Aug 202215:15 | – | cve |
Prion | Cross site request forgery (csrf) | 22 Aug 202215:15 | – | prion |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo