Lucene search
PatchstackCVE-2022-46806HistoryMar 01, 2023 - 3:15 p.m.
CVE-2022-46806
2023-03-0115:15:11
CWE-352
Patchstack
web.nvd.nist.gov
27
cve-2022-46806
csrf
vulnerability
villatheme
cart all in one
woocommerce
plugin
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
5.6
Confidence
High
EPSS
0.001
Percentile
21.4%
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <=Β 1.1.10 leading to cart modification.
Affected configurations
Node
villathemecart_all_in_one_for_woocommerceRange<1.1.11wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| villatheme | cart_all_in_one_for_woocommerce | * | cpe:2.3:a:villatheme:cart_all_in_one_for_woocommerce:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woo-cart-all-in-one",
"product": "Cart All In One For WooCommerce",
"vendor": "VillaTheme",
"versions": [
{
"changes": [
{
"at": "1.1.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.1.10",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-46806
2023-03-01 15:15:11
prion
prion
Cross site request forgery (csrf)
2023-03-01 15:15:00
cvelist
cvelist
wordfence
wordfence
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
5.6
Confidence
High
EPSS
0.001
Percentile
21.4%
Related for CVE-2022-46806