Skip to main content

Role Based Pricing For Woocommerce

2 CVEs product

Monthly

CVE-2022-3537 HIGH POC This Week

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.2 does not have authorisation and proper CSRF checks, and does not validate files to be uploaded, allowing any authenticated users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress Role Based Pricing For Woocommerce
NVD WPScan VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-3536 HIGH POC This Week

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress Deserialization Role Based Pricing For Woocommerce
NVD WPScan VulDB
CVSS 3.1
8.8
EPSS
0.5%
EPSS 0% CVSS 8.8
HIGH POC This Week

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.2 does not have authorisation and proper CSRF checks, and does not validate files to be uploaded, allowing any authenticated users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress Role Based Pricing For Woocommerce
NVD WPScan VulDB
EPSS 1% CVSS 8.8
HIGH POC This Week

The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress Deserialization +1
NVD WPScan VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy