CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-4108

The Wholesale Market for WooCommerce WordPress plugin before 1.0.8 does not validate user input used to generate system path, allowing high privilege users such as admin to download arbitrary file from the server even when they should not be able to (for example in multisite)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 51.7%

CVSS Severity

CVSS v3 Score 4.9

References

https://wpscan.com/vulnerability/9d1770df-91f0-41e3-af0d-522ae4e62470
https://wpscan.com/vulnerability/9d1770df-91f0-41e3-af0d-522ae4e62470

Products affected by CVE-2022-4108

Cedcommerce » Wholesale Market For Woocommerce » Version: N/A

cpe:2.3:a:cedcommerce:wholesale_market_for_woocommerce:-
Cedcommerce » Wholesale Market For Woocommerce » Version: 1.0.7

cpe:2.3:a:cedcommerce:wholesale_market_for_woocommerce:1.0.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4108

Products

Pricing

Contact Us