CVE-2022-45813
MEDIUM EXPLOITEDWordPress Advanced AJAX Product Filters plugin <= 1.6.3.3 - Broken Access Control + CSRF
Title source: cnaExploitation Summary
CVE-2022-45813 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Missing Authorization vulnerability in BeRocket Advanced AJAX Product Filters allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced AJAX Product Filters: from n/a through 1.6.3.3.
References (1)
Core 1
Scores
CVSS v3
5.4
EPSS
0.0023
EPSS Percentile
13.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2023-03-21
CWE
CWE-862
Status
published
Products (1)
BeRocket/Advanced AJAX Product Filters
< 1.6.3.3
Published
Jun 11, 2026
Tracked Since
Jun 11, 2026