Vulnerability CVE-2022-2555
Published: 2022-08-22

Description:
The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating its settings, which could allow attacker to make a logged in admin change them via a CSRF attack.

Type:

CWE-352

 (Cross-Site Request Forgery (CSRF))

 References:
https://wpscan.com/vulnerability/7ec9e493-bc48-4a5d-8c7e-34beaba892ae
Copyright 2026, cxsecurity.com

 

Back to Top