CVE-2022-4309 in Subscribe2 Pluginالمعلومات

الملخص

بحسب MITRE • 16/01/2023

The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowing their email via a CSRF attack.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

06/12/2022

إفشاء

16/01/2023

الاعتدال

تمت الموافقة

إدخال

VDB-216723

EPSS

0.00238

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!