Approved changes feed: RSS · Atom

cpe:2.3:a:all_in_one_b2b_for_woocommerce_project:all_in_one_b2b_for_woocommerce:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorAll In One B2B For Woocommerce Project (38973592-f6ae-5ba8-bb8e-05f00345c9dd)
ProductAll In One B2B For Woocommerce (e8ccde99-802a-572f-b080-b0787802a01a)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-4703 vulnerable 2026-06-08 06:16:14.401795 All in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege Escalation
The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation.
Published: 2024-01-16T15:56:47.204Z
Updated: 2025-06-20T17:05:33.061Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-3547 vulnerable 2026-06-08 06:09:39.827177 All in One B2B for WooCommerce <= 1.0.3 - Multiple CSRF
The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks.
Published: 2023-09-25T15:56:55.505Z
Updated: 2025-04-23T16:15:31.643Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.