Skip to main content

Yukassa For Woocommerce

2 CVEs product

Monthly

CVE-2022-36379 HIGH This Week

Cross-Site Request Forgery (CSRF) leading to plugin settings update in YooMoney ЮKassa для WooCommerce plugin <= 2.3.0 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Yukassa For Woocommerce
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-34868 MEDIUM PATCH This Month

Authenticated Arbitrary Settings Update vulnerability in YooMoney ЮKassa для WooCommerce plugin <= 2.3.0 at WordPress. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

WordPress Privilege Escalation Yukassa For Woocommerce
NVD
CVSS 3.1
6.5
EPSS
0.9%
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery (CSRF) leading to plugin settings update in YooMoney ЮKassa для WooCommerce plugin <= 2.3.0 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Yukassa For Woocommerce
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Authenticated Arbitrary Settings Update vulnerability in YooMoney ЮKassa для WooCommerce plugin <= 2.3.0 at WordPress. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

WordPress Privilege Escalation Yukassa For Woocommerce
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy