Lucene search
China National Vulnerability DatabaseCNVD-2022-57623HistoryJun 30, 2022 - 12:00 a.m.
WordPress Social Share Buttons by Supsystic plugin跨站请求伪造漏洞
2022-06-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
25.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Social Share Buttons by Supsystic plugin versions prior to 2.2.4 are vulnerable to cross-site request forgery, which stems from a failure to perform CSRF checks on its ajax endpoint and administration pages. An attacker could use this vulnerability to trick any logged-in user into manipulating or changing plugin settings, as well as creating, deleting, and renaming items and networks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress social share buttons by supsystic plugin | lt | 2.2.4 |
Related
cve
cve
CVE-2022-1653
2022-06-27 09:15:09
wpvulndb
wpvulndb
Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF
2022-06-01 00:00:00
cvelist
cvelist
CVE-2022-1653 Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF
2022-06-27 08:57:22
prion
prion
Cross site request forgery (csrf)
2022-06-27 09:15:00
nvd
nvd
CVE-2022-1653
2022-06-27 09:15:09
wpexploit
wpexploit
Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF
2022-06-01 00:00:00
patchstack
patchstack