EUVD-2022-42458

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Simple Bitcoin Faucets WordPress plugin lacks authorisation and CSRF, leading to Stored Cross-Site Scripting issues

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2022-3024	26 Sep 202216:21	–	circl
CNNVD	WordPress plugin Simple Bitcoin Faucets 安全漏洞	26 Sep 202200:00	–	cnnvd
CNVD	WordPress Simple Bitcoin Faucets Cross-Site Request Forgery Vulnerability	28 Sep 202200:00	–	cnvd
CVE	CVE-2022-3024	26 Sep 202200:00	–	cve
Cvelist	CVE-2022-3024 Simple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSS	26 Sep 202200:00	–	cvelist
NVD	CVE-2022-3024	26 Sep 202213:15	–	nvd
Patchstack	WordPress Bitcoin Satoshi Tools plugin <= 1.7.0 - Unauthorized AJAX Call to Stored Cross-Site Scripting (XSS) vulnerability	31 Aug 202200:00	–	patchstack
Prion	Cross site scripting	26 Sep 202213:15	–	prion
Positive Technologies	PT-2022-20029 · WordPress · Simple Bitcoin Faucets	26 Sep 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-3024	22 May 202522:48	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "a78988a9-7913-3228-ab3e-1908c80bce7d",
        "vendor": {
          "name": "Unknown"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "ee34c045-c9f1-3b75-81b6-a917a087892a",
        "product": {
          "name": "Bitcoin Satoshi Tools :  Faucets, Visitor Rewarder, Satoshi Games, Referral Program"
        },
        "product_version": "1.7.0 ≤1.7.0"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/7f43cb8e-0c1b-4528-8c5c-b81ab42778dc

03 Oct 2025 20:07Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.4

EPSS0.0007

SSVC