Lucene search

K

Button Widget Smartsoft Security Vulnerabilities

cve
cve

CVE-2022-1912

The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation on the smartsoftbutton_settings page. This makes it possible for unauthenticated attackers to update the plugins settings...

8.8CVSS

8.3AI Score

0.001EPSS

2022-07-18 05:15 PM
32
5