← Volver a CVEs
CVE-2022-4017
HIGH8.8
Descripcion
The Booster for WooCommerce WordPress plugin before 6.0.1, Booster Plus for WooCommerce WordPress plugin before 6.0.1, Booster Elite for WooCommerce WordPress plugin before 6.0.1 have either flawed CSRF checks or are missing them completely in numerous places, allowing attackers to make logged in users perform unwanted actions via CSRF attacks
Detalles CVE
Puntuacion CVSS v3.18.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado1/23/2023
Ultima modificacion4/2/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
booster:booster_elite_woocommercebooster:booster_for_woocommercebooster:booster_plus_woocommerce
Referencias
https://wpscan.com/vulnerability/609072d0-9bb9-4fe0-9626-7e4a334ca3a4(contact@wpscan.com)
https://wpscan.com/vulnerability/609072d0-9bb9-4fe0-9626-7e4a334ca3a4(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.