by vicarius
Log in
Join community

CVE-2022-3688

21 Nov 2022
The WPQA Builder WordPress plugin before 5.9 does not have CSRF check when following and unfollowing users, which could allow attackers to make logged in users perform such actions via CSRF attacks

VTranslations (0)

Remedies (0)

Apps (0)

No Apps

Operating Systems (0)

No Operating Systems

Comments (0)

CVE-2022-3688

8.8 Critical Severity
Share
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Tags (8)
#known_vulnerability#easy_to_exploit#confidentiality_impact_if_exploited#integrity_impact_if_exploited#availability_impact_if_exploited#user_interaction_required_for_exploiting#new_vulnerability_published#CVE-2022-3688
Vulnerability Categories (1)
Cross-Site Request Forgery (CSRF)
Advisory Links (1)
wpscan.com/vulner...

Related