Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Wholesale Market For Woocommerce Security Vulnerabilities

cve
cve

CVE-2022-4106

The Wholesale Market for WooCommerce WordPress plugin before 1.0.7 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server.

7.5CVSS

7.6AI Score

0.002EPSS

2022-12-19 02:15 PM
28
cve
cve

CVE-2022-4108

The Wholesale Market for WooCommerce WordPress plugin before 1.0.8 does not validate user input used to generate system path, allowing high privilege users such as admin to download arbitrary file from the server even when they should not be able to (for example in multisite)

4.9CVSS

5AI Score

0.001EPSS

2022-12-19 02:15 PM
30
cve
cve

CVE-2022-4109

The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to download arbitrary logs from the server even when they should not be able to (for example in multisite)

2.7CVSS

3.9AI Score

0.001EPSS

2023-01-02 10:15 PM
31