CVE Vulnerabilities

CVE-2022-3490

Published: Nov 28, 2022 | Modified: Apr 25, 2025
CVSS 3.x
7.2
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin before 1.8.0 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present

Affected Software

Name Vendor Start Version End Version
Checkout_field_editor_for_woocommerce Themehigh * 1.8.0 (excluding)

References