CVE-2022-4363
published 2025-05-16CVE-2022-4363: The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their…
PriorityP428medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
EPSS
0.17%
6.2th percentile
The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their settings, which could allow attackers to make a logged in admin update them via a CSRF attack
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cedcommerce | wholesale_market | < 2.2.2 | 2.2.2 |
| cedcommerce | wholesale_market_for_woocommerce | < 2.0.1 | 2.0.1 |
| chrome_chrome | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fvhp-x5xr-47xv: The Wholesale Market WordPress plugin before 2
ghsa_unreviewed·2025-05-16
CVE-2022-4363 [MEDIUM] CWE-352 GHSA-fvhp-x5xr-47xv: The Wholesale Market WordPress plugin before 2
The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their settings, which could allow attackers to make a logged in admin update them via a CSRF attack
Chrome
Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-4361
vendor_chrome·2023-08-25·CVSS 5.3
CVE-2023-4361 [MEDIUM] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-4361
Stable Channel Update for ChromeOS / ChromeOS Flex
CVE-2023-4361: Inappropriate implementation in Autofill. Reported by Thomas Orlita on 2023-07-17 [$1000][ 1316379 ] Medium CVE-2023-4362: Heap buffer overflow in Mojom IDL
Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab on 2022-04-14 [$1000][ 1367085 ] Medium CVE-2023-4363: Inappropriate implementation in WebShare
Severity: medium
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-05-16
Published