Lucene search
PatchstackCVELIST:CVE-2022-40128HistoryNov 08, 2022 - 6:15 p.m.
CVE-2022-40128 WordPress Advanced Order Export For WooCommerce plugin <= 3.3.2 - Cross-Site Request Forgery (CSRF) vulnerability
2022-11-0818:15:18
CWE-352
Patchstack
www.cve.org
4
wordpress
woocommerce
csrf
vulnerability
file download
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
31.4%
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download.
CNA Affected
[
{
"vendor": "AlgolPlus",
"product": "Advanced Order Export For WooCommerce (WordPress plugin)",
"versions": [
{
"version": "<= 3.3.2",
"status": "affected",
"lessThanOrEqual": "3.3.2",
"versionType": "custom"
}
]
}
]Related
patchstack
patchstack
wpvulndb
wpvulndb
Advanced Order Export For WooCommerce < 3.3.3 - Export Files via CSRF
2022-10-20 00:00:00
cve
cve
CVE-2022-40128
2022-11-08 19:15:13
nvd
nvd
CVE-2022-40128
2022-11-08 19:15:13
openvas
openvas
prion
prion
Cross site request forgery (csrf)
2022-11-08 19:15:00
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
31.4%
Related for CVELIST:CVE-2022-40128