The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin before 1.0.2, Advanced Free Gifts WordPress plugin before 1.0.2, Gift Registry for WooCommerce WordPress plugin through 1.0.1, Image Watermark for WooCommerce WordPress plugin before 1.0.1, Order Approval for WooCommerce WordPress plugin before 1.1.0, Order Tracking for WooCommerce WordPress plugin before 1.0.2, Price Calculator for WooCommerce WordPress plugin through 1.0.3, Product Dynamic Pricing and Discounts WordPress plugin through 1.0.6, Product Labels and Stickers WordPress plugin through 1.0.1 have flawed CSRF checks in various places, which could allow attackers to make logged in users perform unwanted actions
References
| Link | Resource |
|---|---|
| https://wpscan.com/vulnerability/2c2379d0-e373-4587-a747-429d7ee8f6cc | Exploit Third Party Advisory |
| https://wpscan.com/vulnerability/2c2379d0-e373-4587-a747-429d7ee8f6cc | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:36
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://wpscan.com/vulnerability/2c2379d0-e373-4587-a747-429d7ee8f6cc - Exploit, Third Party Advisory |
07 Nov 2023, 03:59
| Type | Values Removed | Values Added |
|---|---|---|
| CWE |
04 Aug 2023, 17:26
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://wpscan.com/vulnerability/2c2379d0-e373-4587-a747-429d7ee8f6cc - Exploit, Third Party Advisory | |
| CPE | cpe:2.3:a:addify:custom_order_number:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:order_tracking_for_woocommerce:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:order_approval_for_woocommerce:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:abandoned_cart_recovery:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:custom_fields_for_woocommerce:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:image_watermark_for_woocommerce:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:gift_registry_for_woocommerce:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:custom_registration_forms_builder:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:advanced_free_gifts:*:*:*:*:*:wordpress:*:* cpe:2.3:a:addify:checkout_fields_manager:*:*:*:*:*:wordpress:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| First Time |
Addify custom Registration Forms Builder
Addify image Watermark For Woocommerce Addify custom Order Number Addify gift Registry For Woocommerce Addify order Tracking For Woocommerce Addify order Approval For Woocommerce Addify checkout Fields Manager Addify abandoned Cart Recovery Addify custom Fields For Woocommerce Addify advanced Free Gifts Addify |
31 Jul 2023, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-07-31 10:15
Updated : 2024-11-21 07:36
NVD link : CVE-2022-4888
Mitre link : CVE-2022-4888
CVE.ORG link : CVE-2022-4888
JSON object : View
Products Affected
addify
- gift_registry_for_woocommerce
- custom_order_number
- custom_fields_for_woocommerce
- abandoned_cart_recovery
- checkout_fields_manager
- custom_registration_forms_builder
- order_approval_for_woocommerce
- order_tracking_for_woocommerce
- advanced_free_gifts
- image_watermark_for_woocommerce
CWE
No CWE.