Lucene search
Muhammad Daffa (Patchstack Alliance)PATCHSTACK:F895B837A74A8D411F750F8C84AA0EAAHistorySep 14, 2022 - 12:00 a.m.
WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - Cross-Site Request Forgery (CSRF) vulnerability
2022-09-1400:00:00
Muhammad Daffa (Patchstack Alliance)
patchstack.com
15
wordpress
dynamic pricing
woocommerce
vulnerability
csrf
patchstack alliance
EPSS
0.001
Percentile
20.8%
Cross-Site Request Forgery (CSRF) vulnerability leading to plugin settings change discovered by Muhammad Daffa (Patchstack Alliance) in WordPress Advanced Dynamic Pricing for WooCommerce plugin (versions <= 4.1.3)
Solution
Update the WordPress Advanced Dynamic Pricing for WooCommerce plugin to the latest available version (at least 4.1.4).
Related
cvelist
cvelist
cnvd
cnvd
prion
prion
Cross site request forgery (csrf)
2022-09-23 14:15:00
wpvulndb
wpvulndb
Advanced Dynamic Pricing for WooCommerce < 4.1.4 - Settings Update via CSRF
2022-09-14 00:00:00
cve
cve
CVE-2022-38095
2022-09-23 14:15:12
nvd
nvd
CVE-2022-38095
2022-09-23 14:15:12