CVE-2022-41685

Description

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Viszt Péter's Integration for Szamlazz.hu & WooCommerce plugin <= 5.6.3.2 and Csomagpontok és szállítási címkék WooCommerce-hez plugin <= 1.9.0.2 on WordPress.

Affected (2)

Products: Visztpeter: Integration For Szamlazz.hu & Woocommerce, Package Points And Shipping Labels For Woocommerce

Visztpeter

2 products

Integration For Szamlazz.hu & Woocommerce

Package Points And Shipping Labels For Woocommerce

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Visztpeter Integration For Szamlazz.hu & Woocommerce	Before 5.6.3.3
Visztpeter Package Points And Shipping Labels For Woocommerce	Before 1.9.0.3

Related CWEs

CWE-352

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (8)

https://patchstack.com/database/vulnerability/hungarian-pickup-points-for-woocommerce/wordpress-csomagpontok-es-szallitasi-cimkek-woocommerce-hez-plugin-1-9-0-2-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve

Source: audit@patchstack.com

Third Party Advisory

https://patchstack.com/database/vulnerability/integration-for-szamlazzhu-woocommerce/wordpress-integration-for-szamlazz-hu-woocommerce-plugin-5-6-3-2-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve

Source: audit@patchstack.com

Third Party Advisory

https://wordpress.org/plugins/hungarian-pickup-points-for-woocommerce/#developers

Source: audit@patchstack.com

Release NotesThird Party Advisory

https://wordpress.org/plugins/integration-for-szamlazzhu-woocommerce/#developers

Source: audit@patchstack.com

Release NotesThird Party Advisory

https://patchstack.com/database/vulnerability/hungarian-pickup-points-for-woocommerce/wordpress-csomagpontok-es-szallitasi-cimkek-woocommerce-hez-plugin-1-9-0-2-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://patchstack.com/database/vulnerability/integration-for-szamlazzhu-woocommerce/wordpress-integration-for-szamlazz-hu-woocommerce-plugin-5-6-3-2-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://wordpress.org/plugins/hungarian-pickup-points-for-woocommerce/#developers

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

https://wordpress.org/plugins/integration-for-szamlazzhu-woocommerce/#developers

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

Description

Affected (2)

Related CWEs

References (8)

Timeline