cleantalk
Vulnerabilities and Security Researches

Syncee – Global Dropshipping, CVE-2022-3694

CVE, Research URL

CVE-2022-3694

Home page URL

Security reports for Syncee – Global Dropshipping

Application

Syncee – Global Dropshipping

Published on
Dec 05, 2022
Research Description
The Syncee WordPress plugin before 1.0.10 leaks the administrator token that can be used to take over the administrator's account.
Affected versions
max 1.0.10.
Status
vulnerable
Previous vulnerability researches
Syncee – Global Dropshipping (CVE-2026-54846) , Jun 25, 2026
Syncee – Global Dropshipping (CVE-2022-3694) , Jun 06, 2024
New vulnerability
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin (CVE-2026-7761) , Jun 25, 2026
Five Star Restaurant Reservations – WordPress Booking Plugin (CVE-2026-54830) , Jun 25, 2026
MapPress Maps for WordPress (CVE-2026-56011) , Jun 25, 2026
WP Photo Album Plus (CVE-2026-54829) , Jun 25, 2026
Infility Global (CVE-2026-7842) , Jun 25, 2026