CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-4106

The Wholesale Market for WooCommerce WordPress plugin before 1.0.7 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.7%

CVSS Severity

CVSS v3 Score 7.5

References

https://wpscan.com/vulnerability/b60a0d3d-148f-4e9b-baee-7332890804ed
https://wpscan.com/vulnerability/b60a0d3d-148f-4e9b-baee-7332890804ed

Products affected by CVE-2022-4106

Cedcommerce » Wholesale Market For Woocommerce » Version: N/A

cpe:2.3:a:cedcommerce:wholesale_market_for_woocommerce:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4106

Products

Pricing

Contact Us