Lucene search
K

5 matches found

Nuclei
Nuclei
added 2026/02/12 12:3 a.m.10 views

WordPress Popup Builder <= 4.1.11 - Cross-Site Request Forgery

Sygnoos Popup Builder plugin = 4.1.11 for WordPress contains a cross-site request forgery caused by lack of CSRF protection in plugin settings update, letting attackers change settings without authorization, exploit requires victim to visit malicious site or click malicious link. id: CVE-2022-294...

5.4CVSS5.1AI score0.0043EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/07/22 4:39 p.m.6 views

CVE-2022-29495 WordPress Popup Builder plugin <= 4.1.11 - Cross-Site Request Forgery (CSRF) leading to plugin settings update

Cross-Site Request Forgery CSRF vulnerability in Sygnoos Popup Builder plugin = 4.1.11 at WordPress allows an attacker to update plugin settings...

5.4CVSS5.5AI score0.0043EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/07/22 4:39 p.m.24 views

CVE-2022-29495 WordPress Popup Builder plugin <= 4.1.11 - Cross-Site Request Forgery (CSRF) leading to plugin settings update

Cross-Site Request Forgery CSRF vulnerability in Sygnoos Popup Builder plugin = 4.1.11 at WordPress allows an attacker to update plugin settings...

5.4CVSS5.8AI score0.0043EPSS
Exploits0References2
CVE
CVE
added 2022/07/22 4:39 p.m.91 views

CVE-2022-29495

Concisely: The WordPress plugin Sygnoos Popup Builder (WP Plugin: Popup Builder) is affected up to version 4.1.11 by a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to update plugin settings. The root cause is insufficient CSRF protection in settings update handling. Rep...

5.4CVSS4.6AI score0.0043EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/30 7:42 a.m.5 views

CVE-2022-29495

Cross-Site Request Forgery CSRF vulnerability in Sygnoos Popup Builder plugin = 4.1.11 at WordPress allows an attacker to update plugin settings...

5.4CVSS4.9AI score0.0043EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder