Source |
CVE Liste |
Identifiant |
8290470 |
Date de publication |
2022-12-12 18:15:11 (vue: 2022-12-12 20:07:08) |
Titre |
CVE-2022-3883 |
Texte |
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 7.24 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org |
Envoyé |
Oui |
Condensat |
2022 3883 action activate ajax allowing anti any arbitrary authenticated authorisation bad before block bots call crawlers csrf cve does from have install not org plugin plugins proper protection spam spiders stop subscriber such users wordpress |
Tags |
Spam
|
Stories |
|
Notes |
|
Move |
|