The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks.
References
| Link | Resource |
|---|---|
| https://wpscan.com/vulnerability/3cfb6696-18ad-4a38-9ca3-992f0b768b78 | Exploit Third Party Advisory |
| https://wpscan.com/vulnerability/3cfb6696-18ad-4a38-9ca3-992f0b768b78 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:17
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://wpscan.com/vulnerability/3cfb6696-18ad-4a38-9ca3-992f0b768b78 - Exploit, Third Party Advisory |
07 Nov 2023, 04:18
| Type | Values Removed | Values Added |
|---|---|---|
| CWE |
26 Sep 2023, 16:24
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
All In One B2b For Woocommerce Project
All In One B2b For Woocommerce Project all In One B2b For Woocommerce |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| References | (MISC) https://wpscan.com/vulnerability/3cfb6696-18ad-4a38-9ca3-992f0b768b78 - Exploit, Third Party Advisory | |
| CPE | cpe:2.3:a:all_in_one_b2b_for_woocommerce_project:all_in_one_b2b_for_woocommerce:*:*:*:*:*:wordpress:*:* |
25 Sep 2023, 16:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-09-25 16:15
Updated : 2025-04-23 17:16
NVD link : CVE-2023-3547
Mitre link : CVE-2023-3547
CVE.ORG link : CVE-2023-3547
JSON object : View
Products Affected
all_in_one_b2b_for_woocommerce_project
- all_in_one_b2b_for_woocommerce
CWE
No CWE.