CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-2555

The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating its settings, which could allow attacker to make a logged in admin change them via a CSRF attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.7%

CVSS Severity

CVSS v3 Score 6.5

References

https://wpscan.com/vulnerability/7ec9e493-bc48-4a5d-8c7e-34beaba892ae
https://wpscan.com/vulnerability/7ec9e493-bc48-4a5d-8c7e-34beaba892ae

Products affected by CVE-2022-2555

Yotpo Reviews For Woocommerce Project » Yotpo Reviews For Woocommerce » Version: 2.0.4

cpe:2.3:a:yotpo_reviews_for_woocommerce_project:yotpo_reviews_for_woocommerce:2.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2555

Products

Pricing

Contact Us