Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Unknown | Wholesale Market | unaffected |
|
||||||
| Unknown | Wholesale Market for WooCommerce | unaffected |
|
Configuration 1 [-]
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 12 Jun 2025 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Cedcommerce
Cedcommerce wholesale Market Cedcommerce wholesale Market For Woocommerce |
|
| Weaknesses | CWE-352 | |
| CPEs | cpe:2.3:a:cedcommerce:wholesale_market:*:*:*:*:*:wordpress:*:* cpe:2.3:a:cedcommerce:wholesale_market_for_woocommerce:*:*:*:*:*:wordpress:*:* |
|
| Vendors & Products |
Cedcommerce
Cedcommerce wholesale Market Cedcommerce wholesale Market For Woocommerce |
Sat, 17 May 2025 03:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Fri, 16 May 2025 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their settings, which could allow attackers to make a logged in admin update them via a CSRF attack | |
| Title | Wholesale Market <= 2.2.2 - Settings Update via CSRF | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2025-05-17T02:22:31.473Z
Reserved: 2022-12-08T12:51:31.379Z
Link: CVE-2022-4363
Vulnrichment
Updated: 2025-05-17T02:22:25.933Z
NVD
Status : Analyzed
Published: 2025-05-16T21:15:33.123
Modified: 2025-06-12T16:46:05.150
Link: CVE-2022-4363
Redhat
No data.
OpenCVE Enrichment
No data.