CVE-2023-52222

WordPress WooCommerce Plugin <= 8.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2.

We have discovered 818,864 live websites that are affected by CVE-2023-52222.

Affected Software


Product	WooCommerce
Category	Ecommerce
Vulnerable Versions	from 0 through 8.2.2
Total Vulnerable Versions	582
Vulnerable Domains	818,864 live websites (63.36% of WooCommerce install base)

Common Weakness Enumeration

CWE-352 Cross-Site Request Forgery (CSRF)

Available Reports

Website List

Details

Published - Jan 8, 2024
Updated - Jan 8, 2024

Credits

Rafie Muhammad (Patchstack) (finder)

CWE

CWE-352

CVE References

CWE References

cwe.mitre.org

Countries

United States	196,862 websites

Germany	46,805 websites
France	45,032 websites
GB	41,512 websites
Italy	40,631 websites
Russia	29,609 websites
Spain	29,562 websites
Netherlands	26,197 websites
Vietnam	23,230 websites
Australia	20,413 websites

TLDs

.com	367,970 websites
.it	26,027 websites
.co.uk	23,790 websites
.de	23,238 websites
.ru	23,092 websites
.org	21,936 websites
.nl	20,319 websites
.fr	16,479 websites
.com.au	15,603 websites
.net	15,271 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

References

https://patchstack.com/database/vulnerability/woocommerce/wordpress-woocommerce-plugin-8-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Websites affected by CVE-2023-52222

Top websites that are affected by CVE-2023-52222. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
******.at	Austria	,**
*.*.com	United States	,**
************.com	United States	,**
*.*********.com	Italy	,**
***********.com	Germany	,**
***********.com	United States	,**
*****************.com	United States	,**
*.***********.com	United States	,**
*.***********.com	United States	,**
**********.com	United States	,**

See full domain list