CVE-2022-41805Cross-Site Request Forgery in FOR Woocommerce

CWE-352Cross-Site Request Forgery3 documents3 sources
Severity
4.3MEDIUMNVD
CNA5.4
EPSS
0.1%
top 73.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Booster FOR WoocommercePluggabl LLC Booster FOR Woocommerce
Timeline
PublishedNov 18

Description

Cross-Site Request Forgery (CSRF) vulnerability in Booster for WooCommerce plugin <= 5.6.6 on WordPress.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDbooster/booster< 5.6.7

🔴Vulnerability Details

2
CVEList
WordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerability2022-11-18
GHSA
GHSA-39r2-f9j9-hjq6: Cross-Site Request Forgery (CSRF) vulnerability in Booster for WooCommerce plugin <= 52022-11-18
CVE-2022-41805 — Cross-Site Request Forgery | cvebase