CVE Catalog

CVE-2022-44630

MediumCVSS 4.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

9th percentile — higher than 9% of all known CVEs

Summary

CSRF vulnerability in YITH WooCommerce Product Slider Carousel allows Cross Site Request Forgery. This affects versions from n/a through 1.16.0.

Risk Assessment

An attacker could exploit this vulnerability to perform unauthorized actions on behalf of users, potentially leading to data loss or unauthorized access.

Recommendation

It is recommended to update the YITH WooCommerce Product Slider Carousel plugin to the latest version to mitigate the risk associated with this vulnerability.

Original NVD description (English source)

Cross-Site request forgery (CSRF) vulnerability in YITH YITH WooCommerce Product Slider Carousel allows Cross Site Request Forgery. This issue affects YITH WooCommerce Product Slider Carousel: from n/a through 1.16.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS