Vulnerabilities > CVE-2022-0989 - Unspecified vulnerability in Nsthemes NS Watermark for Woocommerce 2.11.3

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

nsthemes

NVD

Published: 2022-04-11

Updated: 2024-11-21

Summary

An unprivileged user could use the functionality of the NS WooCommerce Watermark WordPress plugin through 2.11.3 to load images that hide malware for example from passing malicious domains to hide their trace, by making them pass through the vulnerable domain.

Vulnerable Configurations

Part	Description	Count
Application	Nsthemes Nsthemes NS Watermark FOR Woocommerce - Nsthemes NS Watermark FOR Woocommerce 2.11.3	2

References

https://wpscan.com/vulnerability/a6bfc150-8e3f-4b2d-a6e1-09406af41dd4
https://wpscan.com/vulnerability/a6bfc150-8e3f-4b2d-a6e1-09406af41dd4