Server Side Request Forgery (SSRF) vulnerability affecting multiple WordPress plugins

Summary

CVE	CVE-2022-40700
State	PUBLISHED
Assigner	Patchstack
Source Priority	CVE Program / NVD first with legacy fallback
Published	2024-01-19 15:15:08 UTC
Updated	2026-04-28 19:18:47 UTC
Description	Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP – Membership plugin for WordPress and WooCommerce, Long Watch Studio WooSupply – Suppliers, Supply Orders and Stock Management, Squidesma Theme Minifier, Paul Clark Styles styles, Designmodo Inc. WordPress Page Builder – Qards, Philip M. Hofer (Frumph) PHPFreeChat, Arun Basil Lal Custom Login Admin Front-end CSS, Team Agence-Press CSS Adder By Agence-Press, Unihost Confirm Data, deano1987 AMP Toolbox amp-toolbox, Arun Basil Lal Admin CSS MU.This issue affects Montonio for WooCommerce: from n/a through 6.0.1; Wpopal Core Features: from n/a through 1.5.8; ArcStone: from n/a through 4.6.6; WooVirtualWallet – A virtual wallet for WooCommerce: from n/a through 2.2.1; WooVIP – Membership plugin for WordPress and WooCommerce: from n/a through 1.4.4; WooSupply – Suppliers, Supply Orders and Stock Management: from n/a through 1.2.2; Theme Minifier: from n/a through 2.0; Styles: from n/a through 1.2.3; WordPress Page Builder – Qards: from n/a through 1.0.5; PHPFreeChat: from n/a through 0.2.8; Custom Login Admin Front-end CSS: from n/a through 1.4.1; CSS Adder By Agence-Press: from n/a through 1.5.0; Confirm Data: from n/a through 1.0.7; AMP Toolbox: from n/a through 2.1.1; Admin CSS MU: from n/a through 2.6.

Risk And Classification

Primary CVSS: v3.1 9.8 CRITICAL from [email protected]

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem Types: CWE-918 | CWE-918 CWE-918 Server-Side Request Forgery (SSRF)

Version	Source	Type	Score	Severity	Vector
3.1	[email protected]	Primary	9.8	CRITICAL	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
3.1	[email protected]	Secondary	8.2	HIGH	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N`
3.1	CNA	CVSS	8.2	HIGH	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N`

CVSS v3.1 Breakdown

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Agence-press	Css Adder	All	All	All	All
Application	Arcstone	Amo For Wp - Membership Management	All	All	All	All
Application	Deano	Amp Toolbox	All	All	All	All
Application	Designmodo	Qards	All	All	All	All
Application	Frumph	Phpfreechat	All	All	All	All
Application	Longwatchstudio	Woosupply	All	All	All	All
Application	Longwatchstudio	Woovip	All	All	All	All
Application	Longwatchstudio	Woovirtualwallet	All	All	All	All
Application	Millionclues	Admin Css Mu	All	All	All	All
Application	Millionclues	Custom Login Admin Front-end Css	All	All	All	All
Application	Montonio	Montonio For Woocommerce	All	All	All	All
Application	Paulclark	Styles	All	All	All	All
Application	Squidesma	Theme Minifier	All	All	All	All
Application	Unihost	Confirm Data	All	All	All	All
Application	Wpopal	Wpopal Core Features	All	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Montonio	Montonio For WooCommerce	affected n/a 6.0.1 custom	Not specified
CNA	Wpopal	Wpopal Core Features	affected n/a 1.5.8 custom	Not specified
CNA	AMO For WP Membership Management	ArcStone	affected n/a 4.6.6 custom	Not specified
CNA	Long Watch Studio	WooVirtualWallet A Virtual Wallet For WooCommerce	affected n/a 2.2.1 custom	Not specified
CNA	Long Watch Studio	WooVIP Membership Plugin For WordPress And WooCommerce	affected n/a 1.4.4 custom	Not specified
CNA	Long Watch Studio	WooSupply Suppliers Supply Orders And Stock Management	affected n/a 1.2.2 custom	Not specified
CNA	Squidesma	Theme Minifier	affected n/a 2.0 custom	Not specified
CNA	Paul Clark	Styles	affected n/a 1.2.3 custom	Not specified
CNA	Designmodo Inc.	WordPress Page Builder Qards	affected n/a 1.0.5 custom	Not specified
CNA	Philip M. Hofer Frumph	PHPFreeChat	affected n/a 0.2.8 custom	Not specified
CNA	Arun Basil Lal	Custom Login Admin Front-end CSS	affected n/a 1.4.1 custom	Not specified
CNA	Team Agence-Press	CSS Adder By Agence-Press	affected n/a 1.5.0 custom	Not specified
CNA	Unihost	Confirm Data	affected n/a 1.0.7 custom	Not specified
CNA	Deano1987	AMP Toolbox	affected n/a 2.1.1 custom	Not specified
CNA	Arun Basil Lal	Admin CSS MU	affected n/a 2.6 custom	Not specified

References

Reference	Source	Link	Tags
WordPress AMO for WP plugin <= 4.6.6 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress PHPFreeChat plugin <= 0.2.8 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress Admin CSS MU plugin <= 2.6 - Server-Side Request Forgery (SSRF) vulnerability - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress WordPress Page Builder - Qards plugin <= 1.0.5 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress Custom Login Admin Front-end CSS plugin <= 1.4.1 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress Wpopal Core Features plugin <= 1.5.8 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress AMP Toolbox plugin <= 2.1.1 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress CSS Adder By Agene-Press plugin <= 1.5.0 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress WooVIP plugin <= 1.4.4 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress WooVirtualWallet plugin <= 2.2.1 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress WooSupply plugin <= 1.2.2 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress Theme Minifier plugin <= 2.0 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress Styles plugin <= 1.2.3 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress Montonio for WooCommerce plugin <= 6.0.1 - Server Side Request Forgery (SSRF) - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
WordPress Confirm Data plugin <= 1.0.7 - Unauth. Server-Side Request Forgery (SSRF) vulnerability - Patchstack	af854a3a-2127-422b-91ae-364da2661108	patchstack.com	Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

Vendor Comments And Credit

Discovery Credit

CNA: Dave Jong (Patchstack) (en)

Additional Advisory Data

Solutions

CNA: Update Montonio for WooCommerce to 6.0.2 or a higher version. Update Custom Login Admin Front-end CSS to 1.5 or a higher version. Update Admin CSS MU to 2.7 or a higher version

There are currently no legacy QID mappings associated with this CVE.