What the vulnerability does
01Description
Auth. (subscriber+) Broken Access Control vulnerability in WooSwipe WooCommerce Gallery plugin <= 2.0.1 on WordPress.
CVE-2022-45066
MEDIUM
CVE-2022-45066: WordPress WooSwipe WooCommerce Gallery plugin <= 2.0.1 - Auth. Broken Access Control vulnerability
CVSS base score
5.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Key dates
02Disclosure timeline
November 17, 2022
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2022-35238 WordPress Awesome Filterable Portfolio plugin <= 1.9.7 - Unauthenticated Plugin Settings Change vulnerability
CVE-2021-21438 FAQ articles are shown to users without permission
CVE-2022-45369 WordPress Plugin for Google Reviews plugin <= 2.2.2 - Auth. Broken Access Control vulnerability
CVE-2023-52106
CVE-2022-38134 WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control vulnerability
