Source |
CVE Liste |
Identifiant |
5040192 |
Date de publication |
2022-06-08 10:15:10 (vue: 2022-06-08 13:07:31) |
Titre |
CVE-2022-1709 |
Texte |
The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when deleting comments (either all, spam, or pending), allowing attackers to make a logged in admin delete comments via a CSRF attack |
Envoyé |
Oui |
Condensat |
1709 2022 admin all allowing attack attackers away before checks comments csrf cve delete deleting does either have logged make not pending place plugin spam throws when wordpress |
Tags |
Spam
|
Stories |
|
Notes |
|
Move |
|