CVE-2022-4016

The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.6, Booster Elite for WooCommerce WordPress plugin before 1.1.8 does not properly check for CSRF when creating and deleting Customer roles, allowing attackers to make logged admins create and delete arbitrary custom roles via CSRF attacks

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://wpscan.com/vulnerability/9b77044c-fd3f-4e6f-a759-dcc3082dcbd6	Exploit Third Party Advisory
https://wpscan.com/vulnerability/9b77044c-fd3f-4e6f-a759-dcc3082dcbd6	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:booster:booster_for_woocommerce:::::elite:wordpress::
	cpe:2.3:a:booster:booster_for_woocommerce:::::plus:wordpress::
	cpe:2.3:a:booster:booster_for_woocommerce::::::wordpress::*

History

21 Nov 2024, 07:34

Type	Values Removed	Values Added
References	~~() https://wpscan.com/vulnerability/9b77044c-fd3f-4e6f-a759-dcc3082dcbd6 - Exploit, Third Party Advisory~~	() https://wpscan.com/vulnerability/9b77044c-fd3f-4e6f-a759-dcc3082dcbd6 - Exploit, Third Party Advisory

07 Nov 2023, 03:56

Type	Values Removed	Values Added
CWE	~~CWE-352~~

Information

Published : 2022-12-12 18:15

Updated : 2024-11-21 07:34

NVD link : CVE-2022-4016

Mitre link : CVE-2022-4016

CVE.ORG link : CVE-2022-4016

JSON object : View

Products Affected

booster

booster_for_woocommerce

CWE

No CWE.

{"id": "CVE-2022-4016", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-12-12T18:15:13.167", "references": [{"url": "https://wpscan.com/vulnerability/9b77044c-fd3f-4e6f-a759-dcc3082dcbd6", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/9b77044c-fd3f-4e6f-a759-dcc3082dcbd6", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "descriptions": [{"lang": "en", "value": "The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.6, Booster Elite for WooCommerce WordPress plugin before 1.1.8 does not properly check for CSRF when creating and deleting Customer roles, allowing attackers to make logged admins create and delete arbitrary custom roles via CSRF attacks"}, {"lang": "es", "value": "Booster for WooCommerce complemento para WordPress anterior a 5.6.7, Booster Plus for WooCommerce complemento para WordPress anterior a 5.6.6, Booster Elite for WooCommerce complemento para WordPress anterior a 1.1.8 no verifican correctamente si hay CSRF al crear y eliminar roles de Customer, lo que permite a los atacantes iniciar sesi\u00f3n Los administradores crean y eliminan roles personalizados arbitrarios mediante ataques CSRF."}], "lastModified": "2024-11-21T07:34:27.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:elite:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "61C65B63-8590-4F02-A890-BDAC513611CF", "versionEndExcluding": "1.1.8"}, {"criteria": "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:plus:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "9E1F9A06-76B3-4017-9BD7-386F53181CFD", "versionEndExcluding": "5.6.6"}, {"criteria": "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "E968BF40-54EE-45C0-989E-7CDA3934E9B8", "versionEndExcluding": "5.6.7"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}