CVE-2022-4309 in Subscribe2 Plugininfo

Zusammenfassung

von MITRE • 16.01.2023

The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowing their email via a CSRF attack.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

06.12.2022

Veröffentlichung

16.01.2023

Moderieren

akzeptiert

Eintrag

VDB-216723

CPE

bereit

EPSS

0.00238

KEV

nein

Aktivitäten

very low

Quellen

Want to stay up to date on a daily basis?

Enable the mail alert feature now!