CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23982 – WordPress Perfect Brands for WooCommerce plugin <= 2.0.4 - Server Information Exposure vulnerability
https://notcve.org/view.php?id=CVE-2022-23982
28 Jan 2022 — The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure. La vulnerabilidad detectada en el plugin Perfect Brands for WooCommerce de WordPress (versiones anteriores a 2.0.4 incluyéndola) permite una exposición de información del servidor • https://patchstack.com/database/vulnerability/perfect-woocommerce-brands/wordpress-perfect-brands-for-woocommerce-plugin-2-0-4-server-information-exposure-vulnerability • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23981 – WordPress Perfect Brands for WooCommerce plugin <= 2.0.4 - Set Featured Brand vulnerability
https://notcve.org/view.php?id=CVE-2022-23981
28 Jan 2022 — The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4). Una vulnerabilidad permite a usuarios de nivel Subscriber+ crear marcas en el plugin Perfect Brands for WooCommerce de WordPress (versiones anteriores a 2.0.4 incluyéndola) • https://patchstack.com/database/vulnerability/perfect-woocommerce-brands/wordpress-perfect-brands-for-woocommerce-plugin-2-0-4-subscriber-set-featured-brand-vulnerability • CWE-284: Improper Access Control •