logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-3451

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-3451

Description:
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options
Last updated date:
07/21/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
11/09/2022
Reference url to background

https://wpscan.com/vulnerability/d8005cd0-8232-4d43-a4e4-14728eaf1300

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy