CVE-2022-3490

Published: Nov 28, 2022Modified: Jun 17, 2026

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin before 1.8.0 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present

Affected (1)

Products: Themehigh: Checkout Field Editor For Woocommerce

Themehigh

1 product

Checkout Field Editor For Woocommerce

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Themehigh Checkout Field Editor For Woocommerce	Before 1.8.0

References (2)

https://wpscan.com/vulnerability/0c9f22e0-1d46-4957-9ba5-5cca78861136

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/0c9f22e0-1d46-4957-9ba5-5cca78861136

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.