CVE-2023-3547

Summary

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks.

Affected Software

VendorProductVersion RangeStatus
UnknownAll in One B2B for WooCommerce0 <= 1.0.3affected

Weaknesses

  • CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References