Untriaged
Permalink
CVE-2022-40700
8.2 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): LOW
- Availability impact (A): NONE
Server Side Request Forgery (SSRF) vulnerability affecting multiple WordPress plugins
Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP – Membership plugin for WordPress and WooCommerce, Long Watch Studio WooSupply – Suppliers, Supply Orders and Stock Management, Squidesma Theme Minifier, Paul Clark Styles styles, Designmodo Inc. WordPress Page Builder – Qards, Philip M. Hofer (Frumph) PHPFreeChat, Arun Basil Lal Custom Login Admin Front-end CSS, Team Agence-Press CSS Adder By Agence-Press, Unihost Confirm Data, deano1987 AMP Toolbox amp-toolbox, Arun Basil Lal Admin CSS MU.This issue affects Montonio for WooCommerce: from n/a through 6.0.1; Wpopal Core Features: from n/a through 1.5.8; ArcStone: from n/a through 4.6.6; WooVirtualWallet – A virtual wallet for WooCommerce: from n/a through 2.2.1; WooVIP – Membership plugin for WordPress and WooCommerce: from n/a through 1.4.4; WooSupply – Suppliers, Supply Orders and Stock Management: from n/a through 1.2.2; Theme Minifier: from n/a through 2.0; Styles: from n/a through 1.2.3; WordPress Page Builder – Qards: from n/a through 1.0.5; PHPFreeChat: from n/a through 0.2.8; Custom Login Admin Front-end CSS: from n/a through 1.4.1; CSS Adder By Agence-Press: from n/a through 1.5.0; Confirm Data: from n/a through 1.0.7; AMP Toolbox: from n/a through 2.1.1; Admin CSS MU: from n/a through 2.6.
References
- https://patchstack.com/database/vulnerability/montonio-for-woocommerce/wordpres… vdb-entry
- https://patchstack.com/database/vulnerability/wpopal-core-features/wordpress-wp… vdb-entry
- https://patchstack.com/database/vulnerability/wp-amo/wordpress-amo-for-wp-plugi… vdb-entry
- https://patchstack.com/database/vulnerability/woovirtualwallet/wordpress-woovir… vdb-entry
- https://patchstack.com/database/vulnerability/woovip/wordpress-woovip-plugin-1-… vdb-entry
- https://patchstack.com/database/vulnerability/woosupply/wordpress-woosupply-plu… vdb-entry
- https://patchstack.com/database/vulnerability/theme-minifier/wordpress-theme-mi… vdb-entry
- https://patchstack.com/database/vulnerability/styles/wordpress-styles-plugin-1-… vdb-entry
- https://patchstack.com/database/vulnerability/qards-free/wordpress-wordpress-pa… vdb-entry
- https://patchstack.com/database/vulnerability/phpfreechat/wordpress-phpfreechat… vdb-entry
- https://patchstack.com/database/vulnerability/custom-login-admin-front-end-css-… vdb-entry
- https://patchstack.com/database/vulnerability/css-adder-by-agence-press/wordpre… vdb-entry
- https://patchstack.com/database/vulnerability/confirm-data/wordpress-confirm-da… vdb-entry
- https://patchstack.com/database/vulnerability/amp-toolbox/wordpress-amp-toolbox… vdb-entry
- https://patchstack.com/database/vulnerability/admin-css-mu/wordpress-admin-css-… vdb-entry
- https://patchstack.com/database/vulnerability/styles/wordpress-styles-plugin-1-… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/qards-free/wordpress-wordpress-pa… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/phpfreechat/wordpress-phpfreechat… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/custom-login-admin-front-end-css-… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/css-adder-by-agence-press/wordpre… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/confirm-data/wordpress-confirm-da… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/amp-toolbox/wordpress-amp-toolbox… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/admin-css-mu/wordpress-admin-css-… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/montonio-for-woocommerce/wordpres… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/wpopal-core-features/wordpress-wp… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/wp-amo/wordpress-amo-for-wp-plugi… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/woovirtualwallet/wordpress-woovir… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/woovip/wordpress-woovip-plugin-1-… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/woosupply/wordpress-woosupply-plu… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/theme-minifier/wordpress-theme-mi… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/montonio-for-woocommerce/wordpres… vdb-entry
- https://patchstack.com/database/vulnerability/wpopal-core-features/wordpress-wp… vdb-entry
- https://patchstack.com/database/vulnerability/wp-amo/wordpress-amo-for-wp-plugi… vdb-entry
- https://patchstack.com/database/vulnerability/woovirtualwallet/wordpress-woovir… vdb-entry
- https://patchstack.com/database/vulnerability/woovip/wordpress-woovip-plugin-1-… vdb-entry
- https://patchstack.com/database/vulnerability/woosupply/wordpress-woosupply-plu… vdb-entry
- https://patchstack.com/database/vulnerability/theme-minifier/wordpress-theme-mi… vdb-entry
- https://patchstack.com/database/vulnerability/styles/wordpress-styles-plugin-1-… vdb-entry
- https://patchstack.com/database/vulnerability/qards-free/wordpress-wordpress-pa… vdb-entry
- https://patchstack.com/database/vulnerability/phpfreechat/wordpress-phpfreechat… vdb-entry
- https://patchstack.com/database/vulnerability/custom-login-admin-front-end-css-… vdb-entry
- https://patchstack.com/database/vulnerability/css-adder-by-agence-press/wordpre… vdb-entry
- https://patchstack.com/database/vulnerability/confirm-data/wordpress-confirm-da… vdb-entry
- https://patchstack.com/database/vulnerability/amp-toolbox/wordpress-amp-toolbox… vdb-entry
- https://patchstack.com/database/vulnerability/admin-css-mu/wordpress-admin-css-… vdb-entry
- https://patchstack.com/database/vulnerability/wp-amo/wordpress-amo-for-wp-plugi… vdb-entry
- https://patchstack.com/database/vulnerability/woovirtualwallet/wordpress-woovir… vdb-entry
- https://patchstack.com/database/vulnerability/woovip/wordpress-woovip-plugin-1-… vdb-entry
- https://patchstack.com/database/vulnerability/woosupply/wordpress-woosupply-plu… vdb-entry
- https://patchstack.com/database/vulnerability/theme-minifier/wordpress-theme-mi… vdb-entry
- https://patchstack.com/database/vulnerability/styles/wordpress-styles-plugin-1-… vdb-entry
- https://patchstack.com/database/vulnerability/qards-free/wordpress-wordpress-pa… vdb-entry
- https://patchstack.com/database/vulnerability/phpfreechat/wordpress-phpfreechat… vdb-entry
- https://patchstack.com/database/vulnerability/custom-login-admin-front-end-css-… vdb-entry
- https://patchstack.com/database/vulnerability/css-adder-by-agence-press/wordpre… vdb-entry
- https://patchstack.com/database/vulnerability/confirm-data/wordpress-confirm-da… vdb-entry
- https://patchstack.com/database/vulnerability/amp-toolbox/wordpress-amp-toolbox… vdb-entry
- https://patchstack.com/database/vulnerability/admin-css-mu/wordpress-admin-css-… vdb-entry
- https://patchstack.com/database/vulnerability/montonio-for-woocommerce/wordpres… vdb-entry
- https://patchstack.com/database/vulnerability/wpopal-core-features/wordpress-wp… vdb-entry
- https://patchstack.com/database/vulnerability/montonio-for-woocommerce/wordpres… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/wpopal-core-features/wordpress-wp… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/wp-amo/wordpress-amo-for-wp-plugi… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/woovirtualwallet/wordpress-woovir… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/woovip/wordpress-woovip-plugin-1-… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/woosupply/wordpress-woosupply-plu… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/theme-minifier/wordpress-theme-mi… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/styles/wordpress-styles-plugin-1-… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/qards-free/wordpress-wordpress-pa… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/phpfreechat/wordpress-phpfreechat… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/custom-login-admin-front-end-css-… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/css-adder-by-agence-press/wordpre… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/confirm-data/wordpress-confirm-da… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/amp-toolbox/wordpress-amp-toolbox… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/admin-css-mu/wordpress-admin-css-… vdb-entry x_transferred
Affected products
styles
- =<1.2.3
woovip
- =<1.4.4
wp-amo
- =<4.6.6
woosupply
- =<1.2.2
qards-free
- =<1.0.5
amp-toolbox
- =<2.1.1
phpfreechat
- =<0.2.8
admin-css-mu
- =<2.6
confirm-data
- =<1.0.7
theme-minifier
- =<2.0
woovirtualwallet
- =<2.2.1
wpopal-core-features
- =<1.5.8
montonio-for-woocommerce
- =<6.0.1
css-adder-by-agence-press
- =<1.5.0
custom-login-admin-front-end-css-with-multisite-support
- =<1.4.1
Matching in nixpkgs
pkgs.python312Packages.jstyleson
Python library to parse JSON with js-style comments
-
nixos-unstable -
- nixpkgs-unstable 0.0.2
pkgs.python313Packages.jstyleson
Python library to parse JSON with js-style comments
-
nixos-unstable -
- nixpkgs-unstable 0.0.2
pkgs.typstPackages.jastylest_0_1_0
You can set up style templates for writing reports, papers, and slides in Japanese. It works similarly to LaTeX
-
nixos-unstable -
- nixpkgs-unstable 0.1.0
pkgs.typstPackages.jastylest-zh_0_1_0
Article optimized for Chinese typesetting
-
nixos-unstable -
- nixpkgs-unstable 0.1.0
pkgs.gnomeExtensions.user-stylesheet-font
Load custom style sheet from ~/.config/gnome-shell/gnome-shell.css.
-
nixos-unstable -
- nixpkgs-unstable 12
pkgs.vscode-extensions.bierner.markdown-preview-github-styles
Changes VS Code's built-in markdown preview to match GitHub's styling
-
nixos-unstable -
- nixpkgs-unstable 2.2.0
Package maintainers
-
@honnip Jung seungwoo <me@honnip.page>
-
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
-
@cherrypiejam Gongqi Huang