Role Based Pricing For Woocommerce
Approved changes feed: RSS · Atom
cpe:2.3:a:addify:role_based_pricing_for_woocommerce:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Addify (d577410d-c61a-5df6-a4bd-e62c1c21c4f0) |
|---|---|
| Product | Role Based Pricing For Woocommerce (45c4eb2c-2f82-5809-a840-a3256c1e3ad7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-3537 |
vulnerable | 2026-06-03 14:47:58.658298 |
Role Based Pricing for WooCommerce < 1.6.2 - Subscriber+ Arbitrary File Upload
The Role Based Pricing for WooCommerce WordPress plugin before 1.6.2 does not have authorisation and proper CSRF checks, and does not validate files to be uploaded, allowing any authenticated users like subscriber to upload arbitrary files, such as PHP
Published: 2022-11-07T00:00:00.000Z
Updated: 2025-05-01T19:25:31.411Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3536 |
vulnerable | 2026-06-03 14:47:58.657851 |
Role Based Pricing for WooCommerce < 1.6.3 - Subscriber+ PHAR Deserialization
The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, and a suitable gadget chain is present on the blog
Published: 2022-11-07T00:00:00.000Z
Updated: 2025-05-01T19:26:42.686Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.