CVE-2022-2245
Description
The Counter Box WordPress plugin before 1.2.1 is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks
CWE
- CWE-352 — CWE-352 Cross-Site Request Forgery (CSRF)
Affected
- Unknown / Counter Box – WordPress plugin for countdown, timer, counter — v=1.2.1 <1.2.1 [affected]
CVSS
- (none)
References
Source
cvelistV5-main/cves/2022/2xxx/CVE-2022-2245.json