Lucene search
Marco WotschkaPATCHSTACK:49EE36E7872C4DEC594171E334F5967AHistoryAug 04, 2022 - 12:00 a.m.
WordPress Ecwid Ecommerce Shopping Cart plugin <= 6.10.23 - Cross-Site Request Forgery (CSRF) vulnerability leading to Settings/Options update
2022-08-0400:00:00
Marco Wotschka
patchstack.com
10
wordpress ecwid ecommerce
csrf vulnerability
settings/options update
marco wotschka
update
version 6.10.24
0.001 Low
EPSS
Percentile
31.6%
Cross-Site Request Forgery (CSRF) vulnerability leading to Settings/Options update discovered by Marco Wotschka in WordPress Ecwid Ecommerce Shopping Cart plugin (versions <= 6.10.23).
Solution
Update the WordPress Ecwid Shopping Cart plugin to the latest available version (at least 6.10.24).
| CPE | Name | Operator | Version |
|---|---|---|---|
| ecwid shopping cart | le | 6.10.23 |
Related
cvelist
cvelist
wordfence
wordfence
prion
prion
Cross site request forgery (csrf)
2022-09-06 18:15:00
cve
cve
CVE-2022-2432
2022-09-06 18:15:13
nvd
nvd
CVE-2022-2432
2022-09-06 18:15:13
wpvulndb
wpvulndb
Ecwid Ecommerce Shopping Cart < 6.10.24 - Settings Update via CSRF
2022-08-04 00:00:00
packetstorm
packetstorm
WordPress Ecwid Ecommerce Shopping Cart 6.10.23 Cross Site Request Forgery
2022-08-05 00:00:00