CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-4920

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the woobe_save_options function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Additionally, input sanitization and escaping is insufficient resulting in the possibility of malicious script injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.3%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2023-4920

Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: N/A

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:-
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.0

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.0
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.1

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.1
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.2

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.2
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.3

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.3
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.4

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.4
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.5

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.5
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.5.1

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.5.1
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.6

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.6
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.6.1

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.6.1
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.6.2

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.6.2
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.6.3

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.6.3
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.7

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.7
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.8

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.8
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.8.1

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.8.1
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.0.9

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.0.9
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.1.0

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.1.0
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.1.1

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.1.1
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.1.2

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.1.2
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.1.3

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.1.3
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.1.3.1

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.1.3.1
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.1.3.2

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.1.3.2
Pluginus » Bear - Woocommerce Bulk Editor And Products Manager Professional » Version: 1.1.3.3

cpe:2.3:a:pluginus:bear_-_woocommerce_bulk_editor_and_products_manager_professional:1.1.3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-4920

Products

Pricing

Contact Us