CVE-2022-45813

MEDIUM EXPLOITED

WordPress Advanced AJAX Product Filters plugin <= 1.6.3.3 - Broken Access Control + CSRF

Title source: cna
STIX 2.1

Exploitation Summary

CVE-2022-45813 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

Missing Authorization vulnerability in BeRocket Advanced AJAX Product Filters allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced AJAX Product Filters: from n/a through 1.6.3.3.

Scores

CVSS v3 5.4
EPSS 0.0023
EPSS Percentile 13.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

VulnCheck KEV 2023-03-21
CWE
CWE-862
Status published
Products (1)
BeRocket/Advanced AJAX Product Filters < 1.6.3.3
Published Jun 11, 2026
Tracked Since Jun 11, 2026