Vulnerability Details : CVE-2022-3536
Potential exploit
The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, and a suitable gadget chain is present on the blog
Vulnerability category: Cross-site request forgery (CSRF)
Products affected by CVE-2022-3536
- cpe:2.3:a:addify:role_based_pricing_for_woocommerce:*:*:*:*:*:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-3536
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-3536
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2022-3536
-
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.Assigned by: contact@wpscan.com (Primary)
-
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.Assigned by: contact@wpscan.com (Primary)
References for CVE-2022-3536
-
https://wpscan.com/vulnerability/6af63aab-b7a6-4ef6-8604-4b4b99467a34
Just a moment...Exploit;Third Party Advisory
Jump to