MidnightBSD

Advisories for homepage_product_organizer_for_woocommerce_project

CVE-2022-30998

Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L 3.1 5.3
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
homepage_product_organizer_for_woocommerce_project homepage_product_organizer_for_woocommerce *