Lucene search
WpvulndbWPVDB-ID:ADA294DC-569D-4128-B243-C9C3E3D610B4HistoryNov 14, 2022 - 12:00 a.m.
TeraWallet - For WooCommerce < 1.4.4 - Subscriber+ Arbitrary Wallet Lock/Unlock via IDOR
2022-11-1400:00:00
wpscan.com
14
terawallet
woocommerce
vulnerability
EPSS
0.001
Percentile
19.5%
The plugin does not ensure that the wallet to lock/unlock belongs to the user making the request, allowing any authenticated users, such as subscriber to lock/unlock arbitrary wallets via an IDOR attack
Related
prion
prion
Input validation
2022-11-29 21:15:00
cvelist
cvelist
CVE-2022-3995
2022-11-29 20:43:15
patchstack
patchstack
cve
cve
CVE-2022-3995
2022-11-29 21:15:11
nvd
nvd
CVE-2022-3995
2022-11-29 21:15:11
cnvd
cnvd
WordPress TeraWallet plugin insecure direct object reference vulnerability
2022-11-30 00:00:00