exploitDog

GHSA-45j4-484p-rcm6

Опубликовано: 25 сент. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks.

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks.

Ссылки

EPSS

Процентиль: 42%

0.00202

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2023-3547

CVSS3: 8.8

nvd

больше 2 лет назад

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks.

EPSS

Процентиль: 42%

0.00202

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352